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English Abstract: 

The invention provides a method, system, and computer program product to control the 
access, copying, and/or transfer of a digital asset (136) by mobile, wireless devices (100, 
140) using a digital voucher (137). The digital voucher (137) references a primary 



content that contains all of the expression for that particular asset (136) and a secondary 
content that contains information that can be distilled out as a preview. The information 
in the primary content can be limited to a specified duration or a specific number of 
viewings. The author, owner, or possessor of the digital asset (136) specifies the terms 
and conditions for distribution of the digital asset (136). The digital voucher (137) 
authorizes the mobile, wireless device (140) to access a specified primary or secondary 
content that may be located elsewhere in the network. The mobile, wireless device (140) 
can download a copy of portions or all of the content (136) depending on the terms 
specified in the voucher (137). 

Detailed Description: 

...primary or secondary content that may be located elsewhere in theiietwork. The mobile, 
wireless device can download a copy of portions or all of the content to be viewed, 
played, or executed, depending on the terms specified in the voucher. The principles of 
the invention apply even where the voucher and... duplicated copy of the content, based 
on the terms specified in the voucher. The principles of the invention apply even where 
the voucher and the content are located in any other nodes in the network. 

Still farther in accordance with the invention, distribution by giving or transferring 
possession of the content is accomplished by a digital voucher that is stored in the 
mobile, wireless device. The digital voucher authorizes the mobile, wireless device to 
cause the transfer of possession of a specified primary or secondary content, from a 
currently specified distributing computer to receiving terminal. The digital voucher is 
sent from the mobile, wireless device to a voucher server in the network, which 
transforms the identity of the custodian specified in the voucher from the distributing 
computer to the receiving terminal. The receiving terminal can then download the 
content from the distributing terminal, based on the terms specified in the voucher. The 
principles of the invention apply even where the voucher and the content are located in 
any other nodes in the network. 

In one aspect of the invention, the method begins by storing the primary content in a 
distributing computer. To control the disposition of the content, the mobile, wireless 
device stores a primary voucher and a secondary, preview voucher. The primary voucher 
allows the user of the mobile, wireless device to control the primary content in 
accordance with the terms and conditions specified in the primary voucher. The primary 
voucher includes a first pointer to the primary content and a. ..onto the receiving terminal 
were previously available to the mobile, wireless device. 

Further in accordance with the invention, a method is disclosed for controlling the 
transfer of dormant rights to digital asset in a mobile environment. The method begins 

by storing a digital asset content in a distributing computer in a in a first device in the 

network, the voucher including a pointer to the content, use information specifying the 
type of use intended for the content, restriction information limiting usage of the 
content, and identity information identifying a second device in the network. The 
restriction and identity inforination in the voucher prevents the first device from using the 



content. 



However, the first device can super-distribute the content by transferring the voucher 
to the second device. There, the voucher permits the second device to use the content, in 
response to the restriction and identity information in the voucher. The voucher can also 
include clearing house information which requires the second device to report is use of 
the content to a clearinghouse computer in the network. The clearinghouse information 
can include a name of the clearinghouse, its public signature verification key, and a 
network address where the use of the content can be reported. 

Further in accordance with the invention, a method is disclosed for deferring payment for 
a digital asset in a mobile environment. The method begins by storing a digital asset 
content in a distributing computer in a network. Then, in accordance with the 
invention, the method registers a buyer device in the network, with a clearinghouse 
computer in the network. The clearinghouse sends to the buyer device a certificate 
including a signing key for the buyer device and a charge authorization ticket that is 
valid for a specified total purchase amount. The buyer device then sends to a seller device 
in the network, a copy of the certificate and an offer indication to pay a price to the seller 
device for the content. The seller device verifies the validity of the certificate as the offer 
of payment by the buyer device. The seller device then sends to the buyer device a 
voucher including a pointer to the content, use information specifying the... the 
clearinghouse, the offer indication by the buyer device, to obtain compensation for the 
price of the content. In one embodiment, the clearinghouse sends a bill to the buyer 
device to collect the price. In another embodiment, the clearinghouse deducts the price 
from a prepaid amount previously paid by the buyer disclosed for controlling the 
transfer of dormant rights to digital asset in a mobile environment. The method begins 
by storing a digital asset content in a distributing computer in a.. .clearing house 
information in the voucher can requiring the second device to report is use of the content 
to the first clearinghouse 
computer in the network, 

Further in accordance with the invention, a method is disclosed for conducting 
transactions up to a limit, for transferring rights to a digital asset in a mobile 
environment. 

The method begins by storing a digital asset content in a distributing computer in a 
network. Then, in accordance with the invention, the method stores a content of a digital 
asset in a distributing computer in a network. Then the method registers a seller device 
in the network, with a clearinghouse computer in the network. The clearinghouse then 
sends the seller device a seller's voucher from, including a pointer to the content, use 
information specifying the type of use intended for the content, restriction information 
limiting usage of the content; and transaction information allowing transactions up to a 
limit, for transferring rights to the content. Thereafter, a buyer device in the network is 
registered with the clearinghouse computer. The clearinghouse then sends the buyer 
device a certificate including a signing key for the buyer device and a charge 
authorization ticket that is valid for a specified total purchase amount. Thereafter, the 
buyer device sends to the seller device, a copy of the certificate and an offer indication to 



pay a price to the seller device for the content. The seller device verifies the validity of 
the certificate as the offer of payment by the buyer device. After the verification, the 
seller sends the buyer device a buyer's voucher including a pointer to the content, use 
information to the clearinghouse, the offer indication by the buyer device, to obtain 
compensation to the seller device for the price of the content. The transaction 
information of the seller's voucher prohibits the seller device from conducting ftirther 
transactions beyond the limit. 

Further in accordance with the invention, a method is disclosed for transferring rights to 
a digital asset that includes preview copies that convey with the asset in a mobile 
environment. The method begins by storing a primary content and a secondary content 
of a digital asset in a distributing computer in a network. Then the method registers a 
seller device in the network, with a clearinghouse computer in the network. The 
clearinghouse then sends the seller device a seller's primary voucher, including a pointer 
to the primary content, use information specifying the type of use intended for the 
primary content, restriction information limiting usage of the primary content; 
transaction infort-nation allowing transactions up to a primary limit, for transferring 
rights to the primary content, and a reference to a seller's secondary voucher. In addition, 
the clearinghouse then sends the seller device the seller's secondary voucher from the 
clearinghouse, the secondaiy voucher including a pointer to the secondary content, use 
information specifying the type of use intended for the secondary content, restriction 
information allowing a preview copy of the content to be distributed to another user; 
and transaction information allowing transactions up to a secondary limit, for 
transferring a preview copy. Thereafter, a buyer device in the network is registered 
with the clearinghouse computer. The clearinghouse then sends the buyer device a 
certificate including a signing key for the buyer device and a charge authorization ticket 
that is valid for a specified total purchase amount. 

Thereafter, the buyer device sends to the seller device, a copy of the certificate and an 
offer indication to pay a price to the seller device for the content. The seller device 
verifies the validity of the certificate as the offer of payment by the buyer device. After 
the verification, the seller sends the buyer device, a buyer's primary voucher including a 
pointer to the primary content from the clearinghouse, the buyer's secondary voucher 
including a pointer to the secondary content, use information specifying the type of use 
intended for the secondary content, restriction information allowing a preview copy of 
the content to be distributed to. ..using the ID for the content and the encryption key for 
the content. Then the method sends the download token from the device to the 
distributing computer with a request to download the content after validating the 
download token. 

Then the device receives the content at the device, in response to the validation of the 
download token at the distributing computer. As a result, only authorized devices in the 
network can successfully download the content. The download token can further include 
a digital signature of the device and a certificate issued by a certifying authority that 
certifies the authenticity of the digital signature of the device. Still further, a payment 
authorization can accompany the download token sent to the distributing computer. 



In another aspect of the invention, a system is disclosed to enable a wireless device in a 
mobile communication environment, to obtain a right to give to another device, protected 
content of a digital asset stored in any one of a plurality of content servers. The system 
includes a plurality of content servers in a network, each storing a content of a digital 
asset. The system ftirther includes a voucher server in the network, for registering the di 
ital content in the plurality of content servers. In addition, the 
91 

system includes a DRM agent or payment server in the network, for obtaining 
information about the content from the voucher server. The operation of the system 
begins with a wireless device in a mobile communication environment, sending to the 
DRM agent a ...Radio Industries and Businesses. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The accompanying figures best illustrate the details of the method, system, and apparatus 
for controlling the distribution of a digital asset in a mobile communication 
environment, both as to its structure and operation. Like reference numbers and 
designations in these figures refer to like elements. 

Figure I is a network diagram that depicts the delivery of a Mobile Rights Voucher 
content package to a receiving terminal from either a distributing terminal or a network 
service. 

Figure 2 is a network diagram that expands the system shown in Figure I by illustrating 
an exemplary communication between the receiving terminal and the network service. 

Figure 3A is an abstract representation of an embodiment of a Mobile Rights Voucher. 

Figure 3B is an illustration of an XML embodiment of.. .the XML embodiment of the 
Mobile Rights Voucher shown in Figure 3 A. 

Figure 6 is a functional block diagram that illustrates the interaction of a distribution 
terminal and a receiving terminal in the distribution of a primary and a secondary 
content in the Mobile Rights Voucher copy intent process. 

Figure 7 is a functional block diagram that illustrates the interaction of a distribution 
terminal and a receiving terminal in the non-personalized Mobile Rights Voucher copy 
intent process for sending a preview copy of protected digital content. 

Figure 8 is a functional block diagram that illustrates the interaction of a distribution 
terininal, a receiving terminal, and a voucher server in the personalized Mobile Rights 
Voucher give intent process for sending a preview copy of protected digital content. 

Figure 9 is a functional block diagram that depicts a network environment for 
distributing a Mobile Rights Voucher by illustrating a use case scenario in which a 
sending terminal accesses a content service and a voucher service via a cellular network 



to purchase two screen savers. 



Figure 10 is a network process diagram illustrating the basic controlled download 
protocol between a receiving DRM device, the receiver protocol engine, the ...shown in 
Figure 12. 

DETAILED DESCRIPTION OF THE INVENTION 

Mobile Rights Voucher 

The Mobile Rights Voucher disclosed herein manages the lifecycle of a piece of content 
and the associated property rights held by the creator or agent of the digital content. In 
addition, the Mobile Rights Voucher can facilitate flexible payment for content and can 
deliver the content separate from the voucher. The Mobile Rights Voucher is a message 
that can be sent by electronic mail, a Multimedia Messaging Service (MMS), or a Short 
Messaging Service (SMS). Alternatively, the Mobile Rights Voucher can be downloaded 
using a Wireless Application Protocol (WAP) or a Hypertext Transfer Protocol (HTTP). 

Smart Content Object is a content encapsulation architecture that includes smart routing 
capabilities for content and can be useful for application routing. The Mobile Rights 
Voucher can use the Smart Content Object for expressing rights information. The Smart 
Content Object and Mobile Rights Voucher ...memory limited devices such as a mobile 
phone or a personal digital assistant. The Mobile Rights Voucher is not bound in any way 
to the Smart Content Object and can be used in other transport architectures such as 
MMS and Hypertext Transfer Protocol/Multipurpose Internet Mail Extensions 
(HTTP/MIME). 

The Mobile Rights Voucher is a "light-weight" DRM that can benefit a mobile 
environment. Additionally, the Mobile Rights Voucher can express usage rights for "low 
value" content such as cellular telephone ringing tones, operator logos, and additional 
levels for cellular telephone games. 

hi one embodiment, the Mobile ...and can allow devices that implement this specification 
to interoperate. Due to constraints of implementation and industry-wide adoption, this 
specification does not attempt to deliver on all of the promise of DRM in a single step. 
Thus, the Mobile Rights Voucher full baseline specification is split three subsets. Subset 
A of the baseline specification supports no rights for a piece of content. Subset A relies 
upon another entity such as a service provider who supplies the mobile device to 
implement the Mobile Rights Voucher as a "stub. ..upon a non-valid version of ODRL 
and is extended slightly in appropriate places to allow for the envisioned use cases. 

Figure 1 is a network diagram that depicts the delivery of content package 135 from 
either distributing terminal 100 or retail content service 110 to receiving terminal 140. 
Distributing terminal 100 is coupled to either personal area network 120 or cellular 
network 130. Personal area network 120 is a short-range network that implements an 
architecture specification such as Infrared data association (IrDA), Bluetooth, or object 
exchange architecture. Cellular network 130 is a communication network such as an 
analog signal, global system for mobile (GSM) communications, general packet radio 



service (GPRS), time-division multiple access (TDMA), or code-division multiple access 
(CDMA). In addition, cellular network 130 can accommodate Enhanced Data Rates for 
GSM Evolution (EDGE), an evolution of GSM and TDMA systems that increases 
network capacity and data rates up... personal area network 120 coupling retail content 
service 110 and receiving terminal 140. An owner (not shown) coupled to retail content 
service 110 selects to transmit content package 135 to receiving terminal 140 using 
personal area network 120. Content package 135 is the same as in the first delivery 
scenario and includes content object 136 and voucher object 137. 

The fourth content delivery scenario shown in Figure 1 involves cellular network 130 
coupling retail content service 110 and receiving terminal 140. An owner (not shown) 
coupled to retail content service 110 selects to transmit content package 135 to 
receiving ten-ninal 140 using cellular network 130. Content package 135 is the same as 
in the first delivery scenario and includes content object 136 and voucher object 137. 

Figure 2 is a -network diagram that expands the system shown in Figure I by illustrating 
the communication between retail content service 1 10 and receiving terminal 140. A user 
(not shown) is coupled to receiving terminal 140. Receiving device 140 communicates 
with retail content service 1 10 that includes content catalog 210, payment system 220, 
voucher system 230, and content hosting 240. 

When the user carries receiving terminal 140 into the communication range of retail 
content service I purchase content from retail content service 110, the user sends 
payment request 221 to payment system 220 and receives payment response 222 from 
payment system 220. The payment mechanism includes subscription-based, micro, and 
pre-paid payment systems. The payment is realized by sending an SMS message to a 
predetermined number maintained by an operator. The receipt of the message generates a 
charge to the bill the user gets from the service operator and the user can pay the fee 
using a typical telephone bill payment method. In one embodiment, the format of 
payment request 221 and payment response 222 ...HTTP. 

The user receives either a Mobile Rights Voucher or a reference to the Mobile Rights 
Voucher from retail content service 1 10 as part of payment response 222. If the user 
receives the reference to the Mobile Rights Voucher, receiving ten'.ninal 140 retrieves the 
Mobile Rights Voucher by sending voucher... voucher identifies an asset, lists the usage 
and associated constraints for the asset, includes meta-inforination to identify a voucher 
service, the asset, and a payment transaction method, and provides a mechanism to 
unlock the asset if protection is used. 

As shown in Figure 3 A, Nokia Rights Voucher 300 is a... based) 
Protection Not Available 

IMPACT Minimal impact on phone client. Legacy phones will be 

able to use content download. Need for voucher server 
(and related payment). Prepares for Phase Two service 
model. 



Subset C of the Mobile Rights Voucher DTD specification supports the second phase of 
the Light DRM implementation. The... string. The "uiX' element includes parsed 
character data. The DTD requires the presence of the "transaction" element on line 13 
because the "transaction" element specifies payment-related information in a format that 
is defined by the type of payment chosen. The "transaction" element includes parsed 
character data. The DTD requires the presence of the "usage" element on line 14 because 
the "usage" element defines... string. The "uid" element includes parsed character data. 
The DTD requires the presence of the "transaction" element on line 14 because the 
"transaction" element specifies payment -related information in a forniat that is defined 
by the type of payment chosen. 

The "transaction" element includes parsed character data. The "protection" element on 
line 15 is an optional requirement that stores protection information for the content... 
string. The "uid" element includes parsed character data. 

The DTD requires the presence of the "transaction" element on line 15 because the 
"transaction? element specifies payment-related information in a forniat that is defined 
by the type of payment chosen. The "transaction" element includes parsed character 
...voucher is delivered to a terminal it is associated with an identifier. The identifier is a 
valid URI, is delivered with the voucher in the delivery package, and is stored with the 
voucher on the terminal. Examples of the delivery packaging include multipurpose 
Internet mail extensions (MIME), multimedia messaging system (MMS) 
and NSC. Valid URI schemes include URL and MSG-ID. This supports voucher 
identification which is necessary for distribution. 

An asset (i.e., an item of digital content) is associated with an identifier. The identifier is 
a valid URI. The identifier is delivered with the asset in the delivery package and is 
stored with the asset on the terminal. Examples of the delivery packaging include MIME, 
MMS and NSC. Valid URI schemes include URL and MSG-ID. This supports asset 
identification and is critical for the expression of rights in the voucher. 

A piece of digital content delivered as part of the Light DRM system has an associated 
rights voucher that contains the usage rights controlling access to the content. 

All access is governed through the voucher and the rights expressed within the voucher. 

A system that implements the Mobile Rights Voucher architecture disclosed herein... this 
identity is not present in the terminal then the intent must not be used. The identity in the 
voucher is expressed as a URI. 

Distribution by copying the content is accomplished by a digital voucher stored at a 
user's node in the network. The user's node is the distributing terminal and can include 
the user's mobile or wireless device. The digital voucher authorizes the distributing 
terminal to cause the duplication of the specified primary or secondary content that may 
be located in the distributing terminal or elsewhere in the network. The receiving 
terminal can then download the duplicated copy of the content, based on the terms 



specified in the voucher. 

As shown in Figure 6, the Mobile Rights Voucher includes support for the 
distribution of content using a "copy" intent and a "give" intent. These are only two of 
the building blocks used in the creation of a content super distribution business. 

The "copy" intent has the semantics to make a faithful duplicate of the content resulting 
in a new instance with the same specified rights (the "duplicate" here refers to the new 
instance). The copier does not lose any rights to the content. The copied assets may have 
to be regenerated if the voucher is "personalized" (this will be discussed later). 

If a voucher does not contain a. ..itself that allows secondary voucher 614 to create a 
duplicate of itself If an application supports the Mobile Rights Voucher copy or 
forwarding feature, the user can invoke a forwarding operation to copy the content to 
another user coupled to receiving terminal 240. The "copy" intent associated with 
primary voucher 612 duplicates primary content 602 as primary content 622, and signals 
secondary voucher... are the same as with copy. Thus, give is performed with the aid of an 
intermediary voucher server rather than performing the give from one terminal to 
another. 

The remaining rights differ from the "copy" intent. When a voucher is given to another 
party only the remaining rights from that voucher can be given, hi this scenario, the giver 
uses an intermediary voucher server rather than performing the... encryption, and a 
combination of tamper resistance and encryption. The protection strategy depends on 
features of the device and the time-sensitive nature of the content. 

1 5 The Mobile Rights Voucher can be used in solutions where the content is of a very 
low value but is distributed in a very large volume. In this environment, distribution 
costs are very low. In addition, the need for protection is balanced with the content value, 
cost of protection (terminal and network infrastructure) and the consumer usability 
issues. 

If the Mobile Rights Voucher protects the operating environment, it is not possible for 
content with associated Mobile Rights Voucher vouchers to be distributed outside the 
operating environment. This is termed a "closed system" approach. The major cost in this 
solution is to engineer terminals that will respect this restriction for content with 
vouchers and to ensure that inter- operating tenninals (developed by other vendors) will 
also respect the closed system requirement. On the other hand, if... itself that allows 
secondary voucher 714 to create a duplicate of itself. 

If an application supports the Mobile Rights Voucher non-personalized copy feature, the 
user can invoke a forwarding operation to copy the content to another user coupled to 
receiving terminal 240. When the user selects to send a preview voucher to receiving 
terminal 240, the distributing terminal 200 retains ... fully automatic. User interactions 
should not be inserted in the client-server interaction. The mechanism above can be 
described as "I want to give this content to someone to whom I will give the index 



created by the voucher server". 



Distribution by giving the content is accomplished by a digital voucher stored at a user's 
node in the network. The user's node is the distributing terminal and can include the 
user's mobile or wireless device. For example, the digital voucher can authorize the 
distributing terminal to cause the giving of a preview copy of a digital asset to a 
receiving terminal. The digital asset may be located in the distributing terminal or 
elsewhere in the network. The user invokes a give operation in the distributing ten- 
ninal, to send a copy of a secondary voucher specifying the preview rights, to a voucher 
server. The voucher server recognizes the give operation and responds with a reference 
voucher that includes an indication of no rights to the primary content. The distributing 
terminal receives the reference voucher from the voucher server. The distributing 
terminal then sends the reference voucher ...that allows 
secondary voucher 814 to create a duplicate of itself 

If an application supports the Mobile Rights Voucher personalized give feature, 1 5 the 
user can invoke a forwarding operation to copy the content to another user coupled to 
receiving terminal 240. When the user selects to send a preview voucher to receiving 
terminal 240, a copy of secondary voucher 814 is ... small. 

The following is an exemplary voucher that demonstrates the voucher when it is 
embedded into a MWE multi-part package. 

MIME- Version: 1.0 

Content-type: multipart/mixed; boundary=l 1 simple boundary" 

-Simple boundary 

Content-type: text/MRV; 

<rights> 

<usage> 

<asset>mid: 1 @a.b</asset > 

<display></display> 

</usage> 

</rights> 

— s imple boundary 

Content-type: vnd.nok.screensaver; Content -transfer -encoding: base64 

Message-ID: <I@a.b> 

— base64 encoded content information 

— base64 encoded content information 

— base64 encoded content information 

— base64 encoded content information 

— base64 encoded content information 

—simple boundary-In the above example, the full display rights are embedded into a 
MIME multi-part package and associated with the content element of the parent voucher. 
Thus, the voucher is very small. 

Figure 9 depicts a network environment for distributing a Mobile Rights Voucher that 
presents voucher related issues and example vouchers. In the use case scenario shown in 



Figure 9, a sending user (not shown) coupled to sending terminal 900 accesses content 
service 930 and voucher service 940 via cellular network 130 to purchase two screen 
savers. Since the sending user is happy with the purchase, sending terminal 900 forwards 
a preview copy of the screen savers to receiving terminal 910 via personal area network 
120. A receiving user (not shown) views the preview copy of the screen savers to 
evaluate the screen savers. If the receiving user is happy each screen saver. The MMS 
message also contains a full rights voucher and a preview voucher. The full-right voucher 
is personalized for sending terminal 900 and supports forwarding a preview copy to 
another user for a limited period of time. The preview voucher allows a one-time 
preview of the assets and supports forwarding of the preview voucher to... 13 
Narrow 14 
Constrain 15 
Count 16 
Start 17 
End 1 8 
Datetime 19 
Individual 1A 
Table 1 

Using Independent Clearinghouses for Monitoring Digital Rights Transfer 
Transactions 

An important aspect of digital rights management is the design of mechanisms that can 
enable ...types of revenue sharing among the players involved (e.g., publishers, resellers, 
etc.). This invention proposes a flexible and scalable mechanism. 

New copies of digital content can be created effortlessly. This enables large-scale 
distribution and super-distribution of the content. To share revenue effectively, the 
creation of new copies needs to be accurately monitored. Typically, a clearinghouse 
monitors the copies and may be tightly integrated with the DRM system (e.g., a single 
global clearinghouse, or a single network of clearinghouses). 

The described scheme for reporting new copies is extremely flexible. In the most general 
case, this scheme ...check whether a manufacturer (directly or indirectly) certifies the 
specified clearinghouse. If not, step 2 above will fail. Certifying clearinghouses may 
allow the manufacturer to charge the certified clearinghouses. But technically, such a 
certificate is not necessary. A compliant device may enforce vouchers for any 
clearinghouse. This may enable widespread grass-roots level publishing of content. 

Charging-Independent Method for Containing Off-Line Super-Distribution of 
Material with a MonetaKy Value in a DRM Environment 

One of the bigger hindrances of off-line (ad-hoc) super-distribution is the collection of 
rights and other charges. This invention formulates a method for partially guaranteeing 
that all players in a DRM transaction eventually get their dues. The solution has been 
developed with a mobile music player in mind, but applies as well to any kind of digital 
content in a DRM scheme. 

DRM infrastructures generally enforce protected distribution and presentation of digital 



content so that digital rights can be protected and necessary charges collected for the 
rights owners. Payment or charging solutions, with the exception of some electronic 
payment'solutions, normally require network interaction with a charging server of some 
sort. In an ideal DRM model, users should be able to spread or move content between 
themselves in various manners defined by the rights associated with the content. One 
model allows content distribution to be charged for between users outside of network 
coverage (only peer-to-peer connection between users). This model usually either 
assumes the existence of a payment scheme that is integrated with the DRM or that the 
selling user has purchased additional rights in the first place that he then can sell forward 
in the off-line case. Related problems usually involve currency conversions, taxation 
requirements and distribution of monetary value to all involved partners in the 
distribution chain. 

Previously, this problem was solved by. 

1 . Enforcing a network connection through a ubiquitous network connection (e.g. 
distribute content over infrared); 

15 2. Including a payment scheme in the DRM infrastructure; and 

3. Requiring the purchasing user to purchase "additional" rights in advance, in the form 

of a "season ticket" or equivalent. 

This solution is. 

1. Independent of the payment or charging mechanism; and 

2. Makes ad-hoc or "spur of the moment" distribution of content available while still 
restricting the monetary risk for the involved rights owners. 

Thus, the problem involves how to support off-line super-distribution, that is, if you give 
me a copy, so that the recipient can use the content right away ...off-line. The next time 
user A is on-line, user A can submit the signed statement to the clearinghouse. The 
clearinghouse can then either bill user B or deduct the amount from a pre-paid account. 
The clearinghouse can also give user A credit for the sale (e.g., a.. .Most users behave 
more or less rationally. In this scheme we let the users or devices acquire a certain 
amount of debt (unrelated to any charging/payment mechanism) off-line, and tic this 
debt to the DRM device. The debt is tied based on the rule that the total value of 
the... device. So the user of the device is motivated to clear the debt of the device the next 
time when he is connected to the network by the fact that he again has the "whole 
spending limit" to use in upcoming off-line situations. 

Off-line transactions that can increase the debt of device come in two forms. 

First, user A sells content to user B and collects money immediately. In this case the debt 
will be tied to the device associated with user A. No debt is tied to the buying user. 

Second, user A "sells or distributes" content to user B and the buyer "promises" to pay 



later (when he comes into network coverage again). In this case the debt will be tied to 
the device associated with user B. No debt is tied to the selling user... lack of storage on 
portable devices, a user cannot keep copies of all the content for which he bought rights. 
He should be able to pay for the content once, use it, delete it to use the storage space for 
some other purpose, but later download the same content without having to pay again. 

One approach is to assume that all copies of a given piece of content are encrypted with 
the same key and that the encrypted... to download encrypted content may be undesirable, 
for example, during peak hours. This requires a way to perform controlled content 
transfers. One solution is to charge for content downloads. Another solution is to require 
that the receiving device prove its knowledge of the content encryption key by 
constructing a download token... Methods to generate and evaluate digital signatures to 
insure the source of the digital program are described in the book by Richard E. Smith 
entitled Internet CKOtogrgp , published by Addison Wesley, 1997. To insure that the 
source of the data cannot be repudiated, a digital signature can be appended to the data, as 
described in the book by Richard E. Smith. 

Lending Rights to DRM Protected Content 

The content is transferred from one consumer to another by means of portable media 
such as compact disk or floppy disk. Prior to transferring the content, the sender opens 
a transaction with a clearinghouse and informs it about the transfer of rights. The sender 
opens the existing license and then encrypts it with the receiver's public key. The receiver 
can then use the loaned content based on the business rules in the license. The content is 
returned to the original sender in the same way as it was sent in the first place. 

Another way to transfer content is to send a reference to the receiving consumer, which 
indicates where to get the new license for the content. The ... the new license via this 
connection, This way the receiving consumer does not need to send it's public key to the 
sender. 

When the content is DRM protected, it cannot be lent to another persons use in a 
traditional way because the license is tied to one device at a ...impossible to positively 
identify the user (several users may get the same ID). 

Distributed Rights Gateway System in a Mobile Environment 

This invention relates to distributed rights management in the context of mobility. 

This invention also utilizes a distributed payment mechanism. Scenarios of right 
updating and super-distribution are considered. Storage of -rights remotely is considered 
for device portability. 

This invention is a model of highly distributed systems suitable for mobile 
environments. Rights of ownership and usage of a content for a mobile user is achieved 
through mutable and mobile metadata associated with content. Distributed payment 
nodes control the mutation of metadata. This metadata is solely responsible for decision 
to let the user use content. This metadata is replicated to a server near the user. If the 



device moves to a location closer to another server, the user's rights in the form of 
Metadata is transferred to this new server. 

The invention aims to solve the problem of network latency in acquiring rights to use 
content in a mobile device. This invention also backs up rights in a server that is more 
reliable than a mobile device and solves the problem of super-distribution through rights 
portability. 

Earlier solutions required generation or updating of rights for a content from a remote 
retail site. Since there is only one place where rights can be obtained, it is not the best 
solution for mobile environments keeping network latency and fault tolerance in mind. 

By storing the rights in a decentralized fashion and also updating them in a decentralized 
fashion through appropriate payment nodes, this invention will minimize the network 
latency to update rights for any content. The decentralization of rights storage will help in 
their backup that is an important use case for mobile devices. This invention emphasizes 
that only the payment nodes are ...user wants to update his rights for content, he contacts 
rights gateway 1 120 through an agent on mobile device 1110. Rights gateway 1 120 will 
use payment node 1 122 to update the metadata associated with the digital content. The 
metadata is available in an encrypted form and can only be updated by rights gateway 
1 120 after approval by payment node 1 122. The user will then download this metadata 
with updated rights. The user is then free to continue using the digital content. If the user 
wants to use the content in another device, he can transfer the content to the other 
device. ...device that plays the digital content will look at the metadata to identify if the 
user has adequate rights to use the content. If the user wants to distribute the content to 
another user (recipient), he will transfer the metadata associated with the content to the 
recipient's rights gateway, rights gateway 1 150. This gateway will change the fields 
within the metadata such that it belongs to the recipient and also contacts payment node 
1 152 to purchase the rights. 

Once the rights are purchased, the recipient is free to download content and its associated 
rights to his device... perform the following 
operations on the metadata. 

1. Mutate the metadata, to reflect changes to rights and rules associated with content and 
user; 

2. Obtain payment authorization to change the rights portion of inetadata; 
3 .Send the payment data capture information to clearinghouse 1140; 

4. Send the authorization reversal request message to the backend payment system and 
change the rights associated with the metadata accordingly; 

5. Handle an error returned by backend payment system; 

6. Handle super-distribution by exposing a method that accepts a metadata and recipient 
ID, then ...using a DRM technology that provides a trusted environment for the various 
components of the system. It is important that all the software entities like payment 
nodes, rights gateway, and players are trusted. The Nokia niPlatform standard, a 
comprehensive answer to the challenge of setting up portals throughout national and 



international networks, can be used as an interoperability standard for payment nodes 
and rights gateway. 

...Digital Rights Management is a technology providing mechanisms for controlling 
consumption of digital content. DRM is already being used to some extent in the wireline 
Internet domain, but there is currently no wide-spread DRM system that is used in the 
mobile domain. Today copy protection is done in the mobile domain with so called 
forward-lock method in which the terminal disables the ability to forward the piece of 
content (e.g. ringing-tone) to another terminal. 

One of the attractive features of DRM is super-distribution, that is, the ability to forward 
content from peer-to-peer and still enabling that the content owner gets paid for each 
copy. The forward-lock method effectively kills super-distribution and thus we need to 
discover other DRM mechanisms. The problem with super- distribution is that once it is 
enabled, it is really difficult to control the bits that are distributed from peer-to-peer. 

That is a natural law of the digital world, bits are inherently easy to copy and modify. 

Cryptography is the only practical technology that can be used to control the content 
consumption if super- distribution is used. That means that the content is encrypted and 
the decryption key is delivered to those terminals that have paid to consume the content. 

In other words, DRM enables the paid content model, that is, the content is paid for 
when it is consumed. Thus, payment is an important function in any DRM system, 
although it can be considered as separate to DRM. 

The invention is the architectural model of the voucher server based Mobile DRM system 
that enables one to utilize cost-efficient mobile operator payment systems. 

The novelty value of this invention comes from the utilization of the mobile payment 
service provisioning also to manage digital rights-related payment collection. In effect, 
this means mobile optimizing the DRM system. The most obvious benefits of this 
approach are the ability to utilize mobile network operator payment systems, related 
agreements, and user interaction, and minimization of the over-the-air information 
exchange between mobile terminal and network. 

The Internet- optimized DRM systems assume that payment is done with some 
mechanism in the retail site but do not describe how. That may be due to the lack of 
effective micro-payment and mini- payment methods on the Internet (as compared with 
operator billing in the mobile Internet). Thus, the common approach is to separate the 
payment to be handled as, for example, Internet credit card transaction. 

We made the same error in our earlier thinking. Our original architecture was similar to 
the others, but after reviewing that with our mobile payment people we ended up turning 
the architecture upside-down. We believe that this new model has novelty value and is a 
practical way to implement... can be used to discover the terminal's public (if 1 5 



asymmetric algorithms are used) or secret key (if symmetric algorithms are used); 

8. Payment Service Provider model is used for handling payments; 

9. The end user has configured at least one Payment Service Provider into his mobile 
terminal; and 

10. Payment server handles the user interface during voucher acquisition. 

The invention is one way to solve the generic problem that all DRM solutions try to solve 
cost-efficient payment mechanism. Digital content for the mobile domain is cheap (a few 
euros or less). In addition, it is likely that the end user will buy... creators with a 
possibility that their content can populate the whole mobile domain. Further, the content 
originators can use a relatively limited number of mobile payment service providers 
(e.g., deals with all leading operators in a given market) to conveniently to reach almost 
the whole market. 

This all sums up to the fact that each end user will have to pay a small amount of money 
to a large number of retailers throughout the world. It is not cost-efficient for those 
retailers to send invoices for small payments. It is also inconvenient for the end user as 
well. 

Our invention introduces the Payment Service Provider (PSP) model into DRM. 

The Payment Server is run by an entity that has a close relationship with the end user 

such as the mobile operator. The PSP infon-nation (access the end user's own mobile 

operator - but this is not mandated in our architecture. The PSP could be any party that 
has a flexible billing mechanism based on a user friendly authentication mechanism. 

Mobile operators have access to the operator billing system that is the most convenient 
payment mechanism for small payments. And that can be based on userfriendly 
MSISDN authentication (i.e., authentication that employs the mobile identity number of 
the mobile enables one to use operator billing for all DRM related payments by 
introducing the Mobile Payment Service Provider model into DRM. The Mobile Rights 
Voucher architecture has mobile optimizations and makes the Payment Service Provider 
the "user interaction agent" instead of the retail site. 

The disadvantage of this solution is the fact that Mobile Payment Service Provider 
(mPSP) controls the user interaction with the consumer. This principle is quite 
mobileusage centric and not as flexible as the Web model. However ...of the architectural 
elements of the Mobile DRM system. The architectural elements that comprise the 
Mobile DRM system include content server 1260, voucher server 1250, payment server 
or DRM Agent 1220, and terminal 1210. Content server 1260 is a web server that is used 

to distribute content to end users and 1250 handles content registration requests from 

Content Servers (price, optionally content encryption key generation, optionally content 
ID generation) and handles also voucher generation requests from Payment Servers 
(receives content ID and terminal's DRM ID and generates in return a voucher for that 
specific terminal and piece of content). 



Payment server or DRM Agent 1220 handles user interface during voucher acquisition, 
communicates with a back-end payment mechanism (e.g. operator billing, credit card 
system) and requests vouchers from the Voucher Servers for end users. Terminal 1210 
downloads content from Content Servers, acquires via Payment Server vouchers that 
enable the terminal to access content. Content may be distributed from terminal to 
terminal (super-distribution). 

Figure 15 is a flow diagram... Terminal 

1210 through the DRM Agent 1220. During message flow "4. ACCEPTANCE", 
Terminal 1210 sends a message accepting the received offer. During message flow "4a. 

PAYMENT", DRM Agent 1220 handles the payment transaction with the Payment 
Server 1500. During message flow "5. VOUCHER REQUEST", DRM Agent 1220 
requests Voucher Server 1250 to generate the voucher. During message flow "6. 

VOUCHER DELIVERY usage limitations for the content. 

The following discussion of content server 1260, ten-ninal 1210, DRM agent 1220, 
payment server 1500, and voucher server 1250 shown in Figure 12 and Figure 15, as 
well as the relationships CS-VS, DA-VS, T-DA, CS... content to the CS for distribution 
to end users. After registration process the VS is able to handle voucher requests (for that 
specific content) from Payment Servers. 

DRM Agent- Voucher Server Interface DA-VS - The DRM Agent (DA) requests 
information from VS about a piece of content (identified with a content... end user wants 
to consume Unpaid content. 

Terminal passes information about the content (content ID, Voucher Server URL (carried 
with the content) to its own Payment Service Provider (PSP) that operates the DA. DA 
sends an offer to the Tenninal and the terminal accepts or rejects it. If the offer is 
accepted, DA handles the payment transaction (e.g. operator billing) and requests a 
voucher from the VS through DA-VS interface and delivers that voucher to the terminal. 

Terminal-Content Server Interface CS-T - The terminal downloads protected content 
from the CS. 

Terminal-Tenninal Interface T-T - The terminal super-distributes content to another 
terininal. 

DRM is a technology that provides us with a promise that we are able to control the 
consumption of digital content. This can be... paid content model). 

This results in three major requirements for the DRM system. 

a) The DRM system must be able to control the consumption of content (i.e. copy 
protection); 



b) The DRM system must enforce the paid content model (i.e. a convenient and cost 
efficient payment mechanism must be... and (c) seem to conflict, they can be falfilled if 
the protection mechanisms and content distribution mechanisms are orthogonal, that is, 
the DRM system is content transport agnostic. This implies that piggybacking transport 
layer security mechanisms for content protection purposes may result in a system that 
severely restricts the content distribution possibilities. 

Super- distribution is a great opportunity for content owners, Each piece of content has 
a possibility to get distributed from peer-to-peer to a large population. 

Whether that happens for a particular piece of content or not depends on end user's 
subjective perception of the quality and price of the content. People vote with their 
forward-buttons. We want to encourage these kind of dynamics that reward content 
owners with great content. 

The main operative fimctions of the DRM system are. 
. Content registration to the DRM system; 

2. Content distribution to end users (from network to terminal and terminal to terminal); 
3 . Voucher acquisition process that enables the end user to consume the content. This 
includes the payment process; and 

4. Money settlement process during which each value chain participant gets his share of 
the money collected ftom the end user. 

Figures 13... the end user. If end user accepts the offer DRM Agent deducts the 
appropriate amount of money from the end users account (e.g. operator billing) and 
requests the Voucher Server to generate one voucher for that terminal. The voucher is 
then sent to the terminal and after that the terminal in the value chain gets a separate 
share of the money. 

DRM Agent is entitled to its share because it takes care of the payment transaction with 
the end user. DRM Agent keeps track of all issued vouchers. 

Voucher Server is the middleman between Content Servers and DRM Agents 
and.. .content and the Voucher Servers that generate the vouchers (i.e., DRM Agent plays 
a central role in the voucher acquisition process) especially in the payment transaction. 
The rationale for introducing a middleman is related to the difficulty of doing cost- 
efficient and convenient invoicing between multiple Voucher Servers and the end user. 

The most important role of the DRM Agent is to handle the payment collection from the 
end user before the voucher is issued by the Voucher Server. This implies that there is a 
close relationship between the end.. .the mobile operator (i.e., the terminal always initiates 
the voucher acquisition dialog with one of the end user's own DRM Agents). 

The External Payment System may be, for example, operator billing system or credit 
card payment system. 



All of the terminal management issues are separated to a DRM Terminal 
Infrastructure (DRMI). These include mechanisms for terminal initialization, 
personalization, key renovation and... communications must be protected. SOAP requests 
and responses over http with a SSL connection. VS acts as an http-server, CS as an http- 
client. Content registration may be quite infrequent in some cases. This implies that the 
interface ...can also be implemented with, for example, secure electronic-mail messaging 
between CS and VS operators. 

Referring again to Figure 12 and Figure 15, the Content Server- Terminal CS-T interface 
is used to distribute the DRM protected content from the Content Server to the 
Terminals. Content object downloading network originated MMS messaging. There are 
no major security requirements for this interface. However, it is useful but not mandatory 
for the end user to authenticate the Content Server. The same goes for the other way 
around, although that is just nomial behaviour of a Content Server and thus out of the 
scope of the DRM system. Spamming control needs to be implemented at some stage. 

Content downloading in a standard http/WAP-browsing session. The content may be 
wrapped inside a MIME or WAP multi-part message. Content may also be distributed 
with MMS messaging. Since AIMS messages are based on RFC 822 the wrapping is 
similar to the browsing/downloading scenario. The actual transport mechanism should... 
object is DRM specific. 

Referring again to Figure 12 and Figure 15, the Terminal-DRM Agent T-DA 
interface is used to acquire a voucher. Payment transaction is done via this interface. For 
voucher acquisition, the terminal initiates the acquisition process (T=>DA: CID, 
Transaction ID, Voucher Server URL, Ten-ninal's DR-M ID), DRM Agent responds and 
sends optionally an offer for the voucher, end user accepts or rejects the offer and 
performs payment related authentication, DRM Agent sends the voucher to the terminal. 

For GIVE voucher acquisition, the tenninal initiates GIVE voucher acquisition process 
(T=>DA: CID, Transaction the offer and performs payment related authentication, DMR 
Agent sends the GIVE voucher to the terminal, terminal sends the GIVE voucher to 
another terminal (interface T-T). For GIVE voucher... SSL connection. VS acts as an http- 
server, DA as an http-client. 

Referring again to Figure 12 and Figure 15, the DRM Agent-External Payment System 
DA-EPS interface is used to collect real money from the end user. The implementation of 
this ...of arrengements are done between Content Server and Voucher 
Server, End user (terminal) and DRM Agent, DRM Agent and Voucher Server, DRM 
Agent and External Payment System, ... disables the end-user from forwarding the 
content to another terminal. Thus, everyone must get their ringing tone or whatever from 
the retail site and pay for it. 

If we enable super-distribution the rules of the game are radically different. It gets very 
hard to keep the content within a... prevents the end user This is already used in Nokia 



mobile lock to forward the content to another phones with e.g. ringing tones, 
terminal. Payment is done before Forward-lock kills super-distribution, 
downloading the content. 

Link ...This is content forward-lock, but Content is always downloaded from the 
forwarding allows the end user to forward the URL into the terminal and payment is 
content URL. done before content downloading. This is 
an attempt to provide the functionality and 
user experience of super-distribution 
without a need for... a mobile 

communication enviromnent with a wireless terminal by means of vouchers, which are 
issued by a voucher server having a connection to the mobile network of the terminal 
and having a connection to at least one content server. The vouchers issued by the 
voucher server contain usage rules, rights, and business rules relating to a content item 
and to the user. The voucher is connected to the content but is separate from the content. 
The voucher is deliverable separately from the content as specified by the terminal or 
the user to a terminal and/or to a server within the communication network for further 
processing and/or for acquiring the issued rights. 

Method and System for Acquiring Rights for Copyright Protected Content 
Method for acquiring rights for (copyright) protected content in a mobile communication 
environment with a wireless terminal by means of vouchers, which are issued by a 
voucher server having a connection to the mobile network of the terminal and having a 
connection to at least one content server. The method comprises steps of creating a 
connection with the content server (and the payment server), selecting at least one 
content item from a plurality of content items on a content server, specifying the scope of 
rights to the chosen content item(s), making payment(s) for the selected content item(s), 
receiving the voucher(s) for the selected and purchased content itern(s), and storing the 
received voucher(s...a mobile communication environment by means of a wireless 
terminal using vouchers, which are issued by a voucher server having a connection to the 
mobile network of the terminal and having a connection to at least one content server 

and which vouchers specify at least a part of the scope of terminal or at a server 

having connection to the terminal and accessible to the user of the terminal for 
controlling the use of the specified content item, e.g., for consuming and/or other 
(further) processing, e.g., downloading, storing, super-distributing etc. as specified in 
the voucher. The specified content is delivered to the specified location after the validity 
and/or authenticity of the voucher is verified. In super-distribution the super-distributed 
content is made available according to the usage rules for that content item. 

Method and System for Transferring Access Rights to Copyright Protected Content 
Method for transferring access rights to (copyright) protected content in a mobile 
communication environment by means of a wireless terminals using vouchers, which are 
issued by a voucher server having a connection to the mobile network of the terminal and 
having a connection to at least one content server. According to the method at least one 



acquired voucher specifying the scope of the rights to a content item is accessible to the 
user of the tenninal for controlling the use of the specified content item, e.g., for 
consuming and/or other (further) processing, e.g. downloading, storing, super- 
distributing etc. as specified in the voucher. The voucher can be stored at the first 
terminal and/or at a server having connection to the first... to the information concerning 
the voucher, also such information on the receiving terminal that the transaction can be 
fulfilled (identification of the second terminal and payment server of the second 
terminal). The voucher of the first terminal is modified according to the transfer intent. 

The resulting invention is applicable to virtually... 



Claims: 

...mobile environment 

comprising :browsing a content server coupled to a voucher server to locate the digital 
asset; offering to purchase the digital asset from a <B>payment</B> server coupled to 
the vouchersen enreceiving a purchase price for the digital asset from the 
<B>payment</B> server, the purchase price responsive to an inquiry by the 
<B>payment</B> server to the voucher server; and receiving a voucher from the 
<B>payment</B> server.I 0 
2 The method of claim 1, fluther comprising: 

registering the digital asset with a voucher server by:assigning ...receiving a preview 
copy of the digital asset from the other mobile device;evaluating the preview 
copy;offering to purchase the digital asset from a <B>payment</B> server coupled to the 
voucherserver based upon the evaluating of the preview copy receiving a purchase price 
for the digital asset from the <B>payment</B> server, the purchase price responsive to 
an inquiry by the <B>payment</B> server to the voucher server; and receiving a voucher 
from the <B>payment</B> server. . A method for controlling the distribution of a digital 
asset in a mobile environmentcomprising:requesting the digital asset from another mobile 
device, offering to purchase the digital asset from a <B>payment</B> server coupled to 
the voucherserver;receiving a purchase price for the digital asset from the 
<B>payment</B> server, the purchase price responsive to an inquiry by the 
<B>payment</B> server to the voucher server; and receiving the digital asset from the 
<B>payment</B> server. I 0 7. A method for controlling the copying of a primary digital 
asset in a mobileenvironment comprising: storing a primary content in. ..digital rights 
voucher in accordance with said primary first information of the primary XML digital 
lights voucher. 1 5 18. A method for controlling the <B>transfer</B> of dormant rights 
to digital asset in a mobileenvironment comprising: storing a digital asset ...method for 
controlling the transfer of dormant rights to digital asset in a mobile3 0 environment 
comprising: storing a digital asset content in a <B>distributing</B> computer in a 
network; storing a voucher in a first device in the network, the voucher including: a pointer 
to the <B>content</B>;use information specifying the type of use intended for the 
<B>content</B> restriction information limiting usage of the <B>content</B>;identity 
information identifying a second device in the network; andclearing house 



information;preventing the first device from using the <B>content</B>, in response to 
the restriction andidentity information in the voucher;<B>transferring</B> a new copy of 
the voucher to the second device in the network; permitting the second device to use the 
<B>content</B>, in response to the restriction andO identity infon-nation in the voucher; 
andrequiring the second device to report is use of the <B>content</B> to a clearinghouse 
computer in the <B>network</B>, in response to the clearing house information in the 
voucher. 

20 The method of claim 19, wherein the clearinghouse information further comprises: 5 a 
name of the clearinghouse, its public signature verification key, and a network address 
where the use of the content can be reported. 

21 A method for deferring payment for a digital asset in a mobile environment 
comprising: storing a <B>content</B> of a digital asset in a <B>distributing</B> 
computer in a <B>network</B>; registering a buyer device in the <B>network</B> with 
a clearinghouse computer in the<B>network</B> receiving at the buyer device a 
certificate from the clearinghouse, the certificate including a signature verification key 
for the buyer device and a <B>charge</B> authorization ticketwhich is valid for a 
specified total purchase amount;sending from the buyer device to a seller device in the 
network, a copy of the certificate and an offer indication to <B>pay</B> a price to the 
seller device for the content; verifying by the seller device the authenticity and the 
validity of the offer indicationusing the. ..device, to obtain compensation to the seller 
device for the price of the content. 

22 The method of claim 21, which further comprises: 

sending a <B>bill</B> from the clearinghouse to the buyer device to collect the 
<B>price</B>.I 0 

23 The method of claim 21, which finiher comprises: 

deducting by the clearinghouse the <B>price</B> from a <B>prepaid</B> 
<B>amount</B> previously <B>paid</B> by the buyer device. 1 5 24. The method of 
claim 21, which further comprises :<B>adding</B> by the clearinghouse the 
<B>price</B> to a debt <B>amount</B> to be <B>paid</B> by the buyer device. 

25 ...of claim 21, which further comprises: 

providing a bonus from the clearinghouse to the seller device as the compensation. 

26 A method for controlling the transfer of dormant rights to digital asset in a mobile 
environment comprising:storing a digital asset content in a distributing computer in a 
network; storing a.. .match with the specification of thefirst clearing house in the 
voucher;transferring a new copy of the voucher to the second device in the 
<B>network</B>, thesecond device being registered with the first 
clearinghouse;permitting the second device to use the content, in response to the 
clearinghouse information, because the first clearinghouse matches with the specification 
of the firstclearinghouse in the voucher; and requiring the second device to report is use 
of the <B>content</B> to the first clearinghouse computer in the <B>network</B>, in 
response to the clearinghouse information in the voucher.I 0 

27 A method for conducting transactions up to a limit, for transferring rights to a digital 
asset in a mobile environment, comprising:storing a <B>content</B> of a digital asset in 
a <B>distributing</B> computer in a <B>network</B>; registering a seller device in the 
<B>network</B>, with a clearinghouse computer in the5 <B>network</B> receiving at 



the seller device a seller's voucher from the clearinghouse, the voucherincluding:a pointer 
to the <B>content</B>;use information specifying the type of use intended for the 
<B>content</B> restriction information limiting usage of the <B>content</B>; 
andtransaction information allowing transactions up to a limit for 
<B>transferring</B>rights to the <B>content</B> registering a buyer device in the 
<B>network</B>, with the clearinghouse computer in the<B>network</B>;receiving at 
the buyer device a certificate fi-om the clearinghouse, the certificate including a signature 
verification key for the buyer device and a <B>charge</B> authorization ticketthat is 
valid for a specified total purchase amount;sending from the buyer device to the seller 
device a copy of the certificate and an offer indication to <B>pay</B> a price to the 
seller device for the content;verifying by the seller device the authenticity and the validity 
of the offer indicationusing the... monetary value of sales of the content. 

30 The method of claim 27, wherein the limit is based on the number of resales of the 
content. 

31 The method of claim 27, wherein the limit is based on an accumulated count of the 
number of sales of the content. 

32 The method of claim 27, wherein the limit is based on a number of preview copie's of 
the content that are distributed. 

33 A method for transferring rights to a digital asset that includes preview copies that 
convey with the asset in a mobile envirom-nent, comprising: storing a primary 
<B>content</B> and a secondary <B>content</B> of a digital asset in a 
<B>distributing</B>computer in a network;registering a seller device 
...network;receiving at the seller device a seller's primary voucher from the 
clearinghouse, theseller's primary voucher including: a pointer to the primary 
<B>content</B>;use information specifying the type of use intended for the primary 
<B>content</B>;restriction information limiting usage of the primary 
<B>content</B>;transaction information allowing transactions up to a primary limit 
for<B>transferring</B> rights to the primary <B>content</B>; anda reference to a 
seller's secondary voucher;receiving at the seller device the seller's secondary voucher 
from the clearinghouse,! 0 the seller's secondary voucher including:a pointer to the 
secondary <B>content</B>;use information specifying the type of use intended for the 
secondary<B>content</B> restriction information allowing a preview copy of the 
<B>content</B> to bel 5 <B>distributed</B> to another user; andtransaction 
information allowing transactions up to a secondary limit, fortransferring a preview 
copy;registering a buyer device in the network with the clearinghouse computer in 
the<B>network</B> receiving at the buyer device a certificate from the clearinghouse, 
the certificate including a signature verification key for the buyer device and a 
<B>charge</B> authorization ticketthat is valid for a specified total purchase amount; 
sending from the buyer device to the seller device a copy of the certificate and anoffer 
indication to <B>pay</B> a price to the seller device for the content;verifying by the 
seller device the authenticity and the validity of the offer indicationusing the... reference 
to itself, allowing the seller's secondary voucher to create a duplicate of itself. 

39 A method to control the downloading of digital asset content from a server to protect 



against resource exhaustion in a mobile environment, comprising: storing a digital asset 
content in a distributing computer in a ...including:5 a pointer to the content;use 
information specif® ing the type of use intended for the content;restriction infomiation 
limiting usage of the <B>content</B>; andprotection information specifying an ID for 
the <B>content</B> and an encryptionkey for the <B>content</B>;forming a download 
token in the device, using the ID for the <B>content</B> and theencryption key for the 
<B>content</B>;sending the download token from the device to the 
<B>distributing</B> computer with arequest to download the <B>content</B> after 
validating the download token; andreceiving the <B>content</B> at the device, in 
response to the validation of the downloadtoken at the <B>distributing</B> 
computer;whereby only authorized devices in the network can successfully download the 
<B>content</B>. 

40 The method of claim 39, wherein the download token is a message authentication 0 
code QAAQ based on the encryption key for the content. 

41 The method of claim 40, wherein the download token further includes a digital 
signature of the device and a certificate issued by a certifying authorization accompanies 
the download token sent to the distributing computer. 

43 A method for issuing rights in vouchers from a voucher server to a wireless device in 
a mobile communication environment, the rights being to protected content of a digital 
asset 

stored in a <B>content</B> server, comprising:0 storing a digital asset <B>content</B> 
in a content server in a network;storing a voucher in a voucher server in the 
<B>network</B>, the voucher having metadataincluding:a pointer to the content;use 
information specifying the type of use intended for the content;5 restriction information 
limiting. ..establishing step ftuther comprises: establishing with the wireless device the 
connection to the content server using a Multimedia Messaging Service (MMS) of a 
wireless communications <B>network</B>. 

61 The method of claim 51, wherein the receiving step further comprises: 
receiving at the wireless device, the voucher from the voucher server, using a... wireless 
device, the voucher from the voucher server, using an object exchange protocol of a 
wireless communications network! 0 

64 A method for super- distribution of rights by a wireless device in a mobile 
communication environment, based on vouchers issued by a voucher server, the rights 
being to protected content of a digital asset stored in a content server, comprising: 
establishing with a wireless device, a connection to a content server in a network 
1 5 storing a digital asset <B>content</B>;selecting with the wireless device, the content 
in the content server;requesting a first voucher from a voucher server in the 
<B>network</B> for rights to thecontent the first voucher having metadata including:a 
pointer to the <B>content</B>;use information specifying the type of use intended for 
the <B>content</B>;restriction information limiting usage of the <B>content</B>; 
andprotection information specifying a form of protection for the 
<B>content</B> receiving at the wireless device the voucher from the voucher 
server; sending from the wireless device to the voucher server a request to super- 
<B>distribute</B> the <B>content</B> to a second device, the ...the second device; 



receiving at the wireless device a modified voucher from the voucher server, themodified 
voucher having metadata including:a pointer to the <B>content</B>;use information 
specifying the type of use intended for the <B>content</B>;restriction information 
limiting usage of the <B>content</B>;protection information specifying a form of 
protection for the content; andthe identification of the second device; andsending the 
modified voucher from the wireless... claim 113, which further comprises:said content 
key being joined with said reference media ID by perfonning an exclusive OR operation 
between said <B>content</B> key and said reference media ID, forming saidkey token; 
andsaid recovering of said <B>content</B> key being by performing an exclusive OR 
operation between the media ID and said key token. 115. The system of claim II 3, 
wherein the <B>content</B> is <B>transferred</B> on a tangible medium such as a CD 
ROM or a floppy disk. 1 16. A method for enabling a wireless device in a mobile 
communication environment to obtain rights to protected <B>content</B> of a digital 
asset, the digital asset being downloaded to the wireless device from any one of a 
plurality of <B>content</B> servers, the digital asset comprising a content ID, content 
encrypted with a content key and information on obtaining rights to the 5 content being 
expressed in a voucher generated by a voucher server in the 

<B>network</B>,comprising:sending a request for a voucher for the said content to a 
DRM agent, the DRM agent being able to communicate with the voucher server and with 
at least one of a plurality of <B>payment</B> servers designated by the terminal for 
<B>payment</B> transactions receiving an offer of consideration from the DRM agent 
including considerationinformation obtained by the DRM agent from the voucher 
server; sending an acceptance of the consideration to the DRM agent, which after 
completed <B>payment</B> transactions obtains a voucher for the content from the 
voucher server; receiving the voucher from the DRM agent, which it obtained from the 
voucherserver... content to a DRM agent, the DRM agent being able to communicate with 
the voucher server and with at least one of a plurality of <B>payment</B> servers 
designated by the tenninal for <B>payment</B> transactions ;receive an offer 
...includingconsideration information obtained by the DRM agent from the voucher 
server;send an acceptance of the consideration to the DRM agent, which aftercompleted 
<B>payment</B> transactions obtains a voucher for the content from the 
voucherserver;receive the voucher from the DRM agent, which it obtained from the 
voucherserver... content to a DRM agent, the DRM agent being able to communicate with 
the voucher server and with at least one of a plurality of <B>payment</B> servers 
desipated by theterminal for <B>payment</B> transactions ;pro gram code ...the voucher 
server;program code in said computer readable medium for sending an acceptance of the 
0 consideration to the DRM agent, which after completed <B>payment</B> transactions 
obtains avoucher for the content from the voucher server;program code in said computer 
readable medium for receiving the voucher from the DRM... to a DRM agent, the DRM 
agent being able to communicate with the voucher server and with at least one of a 
plurality of5 <B>payment</B> servers designated by the terminal for <B>payment</B> 
transactions receiving an offer of consideration from the DRM agent including 
considerationinformation obtained by the DRM agent from the voucher server; sending an 
acceptance of the consideration to the DRM agent, which after completed 
<B>payment</B> transactions obtains a voucher for the content from the voucher server; 
receiving the voucher from the DRM agent, which ... content to a DRM agent, the DRM 



agent being able to communicate with the voucher server and with at least one of a 
plurality of <B>payment</B> servers designated by the terminal for <B>payment</B> 
transactions ;receive an offer of consideration from the DRM agent 
includingconsideration information obtained by the DRM agent from the voucher 
server; solid an acceptance of the consideration to the DRM agent, which aftercompleted 
<B>payment</B> transactions obtains a voucher for the content from the 
voucherserver;receive the voucher from the DRM agent, which it obtained from the 
voucherserver, ... content to a DRM agent, the DRM agent being able to communicate 
with the voucher server and with at least one of a plurality of <B>payment</B> servers 
designated by theterminal for <B>payment</B> transactions ;program code in said 
computer readable medium for receiving an offer ofconsideration from the DRM agent 

including consideration inf6rmation obtained by theDRM from the voucher 

server;program code in said computer readable medium for sending an acceptance of the 
consideration to the DRM agent, which after completed <B>payment</B> transactions 
obtains avoucher for the content ...with the content including:information specifying the 
type of use intended for the content;information specifying restrictions, which limit usage 
of the content;information specifying <B>payment</B> and <B>payment</B> 
transactions associated to theuse and restrictions to the use of the content;receiving the 
digital content with the associated information at the voucher server... with the content 
including:information specifying the type of -use intended for the content;information 
specifying restrictions, which limit usage of the content;information specifying 
<B>payment</B> and <B>payment</B> transactions associatedto the use and 
restrictions to the use of the content;receive the ...the content including:information 
specifying the type of use intended for the content;information specifying restrictions, 
which limit usage of the content;information speci@@ing <B>payment</B> and 
<B>payment</B> transactions associated to theuse and restrictions to the use of the 
content;program code in said computer readable medium for receiving the digital 
content... 
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Detailed Description: 

...features are the CLASS family of services (Call waiting, Call forwarding, Conference 
calling, Call rejection), enhanced call routing, Number Portability, Calling Card Services, 
and Audio delivered Information Services (e.g. travel, stocks and weather). 



These IN capabilities are enabled by devices such as SCP, STP, SSP and EIP in the 



AIN therefore with very few exceptions become a major undertaking and a complex 

coordination effort to launch a new or modified IN service in the "Core" network 
environment. 

Data networks in the "Core" 

While the PSTN was growing in feature functionality as well as traffic demand, new data 
networks have been created to support the inter-networking of computing devices. These 
data networks provide interconnection to geographically dispersed computing devices at 
56 

backbone with the PSTN network. The services on the PSTN and the data networks are 
very distinct and non-interoperable (example: voice versus web access). 

With the rapid explosion of the Internet, and innovation in packet based technologies, 
the IP based data network has become the dominant network in terms of user traffic, and 
its growth is slated to continue exponentially. This phenomenon has created a dilemma 

for traffic planners and engineers of cable), and new (green field) service providers 

continue to exploit their advantage, it has become necessary for many incumbent service 
providers to transition their "Core" network to the "Next Generation Network", where 
they 
57 

New IP based services in the "NGN" 

While there are components in the NGN that ensure interoperability between "NGN" and 
PSTN, there... enable services like integrated messaging, multimedia conversations, on- 
demand multi-point conference, enhanced security & authentication, various classes of 
media transport services, numerous automations in electronic internet commerce 
activities e.g. banking, shopping, 5 customer care, education, etc. As the NGN matures 
third party value added service providers will develop IP based services that will combine 
applications such as electronic commerce (procurement, warehousing, distribution 
andjuqlillment) as well as online banking to present the consumer with an integrated 
boundless shopping experience. 

Growth of bandwidth in the "NGN" 

In addition to bandwidth required to support broadband access. 

New and emerging technologies such as Giga-Bit Ethernet and Wire Speed IP may find 
their way to the network backbone, but not until Giga-bit Ethernet technology matures to 
handle a wide array of network services such as connection oriented circuit emulation. 

The use of Wire Speed IP technology is suitable for an enterprise network but lacks the 
robustness and scalability needed for carrier grade backbones. For this reason, there will 

always be a need for ATM in the backbone technologies (e.g. IP, TCP, LJDP), as 

opposed to using existing circuit switched technologies (e.g. 

MTP). 

IN requirements and architecture in the Next Generation Network (NGN) 



Given the huge revenues and global nature of PSTN services, as well as their use of SS7 

and AIN technologies, components that allow interoperability will - provide the next 

level of intelligence in order to address communication over mixed media types, control 
of multiple session characteristics, collaborative communications needs, ubiquitous 
network access, "any to any" communications, and multimedia delivered information 
services. Note that these "NGN" components will continue to evolve to provide similar 
and enhanced capabilities in the "New Core". 

The following provides a description of new components in the "NGN" and the "New 
Core" that provide enhanced IP based services. The Intelligent IP (j2p) Network enablers 
are categorized as follows. 

Session Control (Bandwidth, Switching and Routing) 
Media Control (Call Treatment such as media conversion 

Policy Management (Directory, Access control, Security permits mobile NGN service 

users to maintain the same experience and have access to the same information regardless 
of where or how they access the network. 

Example: Assuming a US based NGN service user was roaming in Europe and wanted to 

access the network but has the use of specific calling efficiently with mechanisms that 

make remote data available locally for the duration of a session and then caches the 
information in short term non- volatile memory not in the foreign rules database server. 
In other words although a user's profile may be physically stored in a Rules database in 
the United States, the user may access the network from Europe and be automatically 
granted access to the specific services and features that normally would be available 
during his US service experience. The remote session controller in Europe would 
communicate with the cross network location register and rules database server to 
identify the subscriber's "home" rules database in order to collect the policies and profile 
of the subscriber for use in Europe; this is done by using the inter device message sets 
(command and control over the control plane sub network. Unlike other ...recognition, 
Text to Speech, Text to Fax, etc. 

Protocol Conversion (Policy Management) 
Receives session requirements from Rules database 
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of sessions 

Interfaces with existing CORE network to process information across NGN 
Extended CORE 

0 Filters and Converts signals from SS7 /ISDN to TCP/IP /H.323 

Converts Signaling data from one format to another (example: G. 728/9 to 

AD/PCM or Vocaltec to Vienna Systems, etc.) 

Network Access Control Point (Session Control) 

Similar to a switching node on an SS7 circuit switched network. 

First or Last Access Point in the network 

Provides actual call / session handling, routing and processing based on 



instructions from the Rules Database server 
1 5 

Session Manager / Event Logger (Session Control) 
This... framework to sustain it for the long term. 

Now that the details regarding the NGN have been set forth, information will now be 
presented concerning billing when the quality of service is degraded. 
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Degraded Quality of Service and Billing 

A typical telecommunication network comprises multiple telecommunication switches 
located throughout a geographical area. When a user makes a call, the call may be routed 

through one or more switches places a call from Los Angeles, California to a party 1 

0 112 located in New York City, New York. Such a call is typically transmitted across 
three (3) switches: the Los Angeles, California switch 1206; the Chicago, Illinois switch 
1208; and the New York City, New York switch 1210.1. ..of the switches, 1206-1210, that 
switch creates a call record. 

The call record contains information on the call, including but not limited to: routing, 
billing, call features, and trouble shooting information. After the call is terminated, each 
switch 1206-1210 that processed the call completes the associated call record. The 
switches 1206-1210 combine multiple call records into a billing block. 

When a switch 1206-1210 fills the billing block, the switch 1206-1210 sends the billing 
block to a billing center 1218. Thus, the billing center 1218 receives one billing block 
from each switch 1206-1210 that handled the call, which in this case would be three 
billing blocks. The billing center 1218 searches each billing block and retrieves the call 
record associated with the call, thereby retrieving one call record per switch 1206-1210 
that handled the call. The billing center 1218 then uses one or more of the retrieved call 
records to generate a billing entry. The billing center 1218 is also connected to each DAP 
1212-1216 to retrieve information regarding a switch 1206-1210 or call record. However, 
billing in the present invention is increased because the 
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hybrid network also contains proxy intelligence. 

Figure 13 shows a block diagram of the Network Data Management 1300 in accordance 
with a preferred embodiment of the present invention. Network Data Management 1300 
encompasses the collection of usage data and events for the purpose of network 
performance and traffic analysis. This data may also be an input to Billing (Rating and 
Discounting) processes at the Service Management Layer, depending on the service and 
its architecture. 

The process provides sufficient and relevant information to verify compliance/ non- 
compliance to Service Level Agreements (SLA). The process provides sufficient usage 
infon-nation for rating and billing. 



This process ensures that the Network Performance goals are tracked, and that 
notification is provided when they are not met (threshold exceeded, performance 
degradation). This also includes thresholds and specific requirements for billing. 

This includes information on capacity, utilization, traffic and usage collection. In some 
cases, changes in traffic conditions may trigger changes to the network for the... 
...determine a status of the hybrid network which in turn, in step 1404, is utilized during 
management of the hybrid network. Further, in step 1406, billing rates and discounts are 
determined based on the status of the hybrid network. 

In addition to the Network Data Management 1300 generating billing events, the pre sent 
invention also uses a Customer Interface Management process 132, as shown in Figure 
15, to directly interact with customers and translate customer requests and inquiries into 
appropriate "events" such as, the creation of an order 
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or trouble ticket or the adjustment of a bill. This process logs customer contacts, directs 
inquiries to the appropriate party, and tracks the status to completion. In those cases 
where customers are given direct customers. 

The aim is to provide meaningful and timely customer contact experiences as frequently 
as the customer requires. 

Figure 16 is a flowchart illustrating a Customer Interface Management Process in 
accordance with a preferred embodiment. First, in step 1600, a service level agreement is 
received for a hybrid network customer. Next, in step 1602, the service level agreement is 
stored after which, in step 1604, inquiries are received from network customers 
reflecting occurrences related to the hybrid network. Thereafter, in step 1606, events are 
generated based on the customer inquiries and the service level agreement. 
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The Network Data Management 1300 and Customer Interface Management 
process 1500 are used to give information to the Customer Quality of Service 
Management Process 1302, as shown in Figure 17. The Customer Quality of 
Service Management Process 1302 encompasses monitoring, managing and 
reporting of quality of service as defined in Service Descriptions, Service Level 

Agreements (SLA), and this process are standard (predefined) and 

exception reports, including; dashboards, performance of a service against an SLA, 
reports of any developing capacity problems, reports of customer usage patterns, etc, In 
addition, this process responds to performance inquiries from 
the customer. For SLA violations, the process supports notifying Problem 
Handling and for QoS violations, notifying Service Quality Management 1304. 

The aim is to provide effective monitoring. ..a customer-by-customer basis, as required. It 

also applies 
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any discounts agreed to as part of the Ordering Process, for promotional discounts and 



charges, and for outages. In addition, the Rating and Discounting Process 1306 applies 

any rebates due because service level agreements were not met. The aim is the 

network quality of service violations and, in step 2410, rebates are determined based on 
the network service level agreement violations. Thereafter, in step 2412, billing data 
reflecting the usage information, the negotiated discounts, and the rebates is provided to 
generate a customer invoice. 

Utilizing information from the Rating and Discounting Process 1306, the Invoice and 
Collections Process 1504, as shown in Figure 25, creates correct billing information. This 
process encompasses sending invoices to customers, processing their payments and 
performing payment collections. In addition, this process handles customer inquiries 
about bills, and is responsible to resolve billing problems to the customer's satisfaction. 
The aim is to provide a correct bill and,, if there is a billing problem, resolve it quickly 
with appropriate status to the customer. An additional aim is to collect money due the 

service provider in a professional and 26 is a flowchart illustrating an Invoice and 

Collections Process in accordance with a preferred embodiment. First, in step 2600, 
customer account inquiries and customer payment information is received by the system. 
Next, in step 2602, billing data, including discounts due to quality of service violations 
and rebates due to service level agreement violations, is collected and processed. 
Thereafter, in step 2604, customer account invoices are created for distribution based on 
the customer payment information and the billing data. 

Mediation and activity tracking are provided by the event logger and event 
manager. The event logger and event manager feed the rating and billing 
information for degraded service using the personally customized rules database. 

Utilizing an expert system for the tailored capabilities of each customer, the event 
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driver... present invention. When a customer initiates a use of the hybrid network, the 
hybrid network, in a first step 2700, transfers the media over the network using IP 
information to route it to the appropriate destination. The media transferred over the 

network may be telephony data, image data, or any other Finally, the Invoice and 

Collections Process 1504, 
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To better understand the invention, it is useful to describe some additional terminology 
relating to a telecommunication network. A telephone call comes into a switch on a 
transmission line referred to as the originating port, or trunk. The originating port is one 

of into the switch from the same location of origin. This group of ports is the 

originating trunk group. After processing an incoming call, the switch transmits the call 
to a destination location, which may be another switch, a local exchange carrier, or a 
private branch exchange. The call is transmitted over a transmission line referred to as 
the terminating port, or trunk. Similar to the originating port, the terminating port is one 
of a group the same destination. This group of ports is the terminating trunk group. 

Contemporary telecommunication networks provide customers with the capability of 
using the general public network as well as the capability of defining a custom virtual 



network (VNet). 



With a VNet, a customer defines a private dialing plan, including plan telephone 

numbers. A VNet customer is not limited to the default telephone three (3) second 

increments where local switch time represents the time of day at a switch. The timepoint 
fields are used by the network switches, billing center, and other network subsystems. 

Each subsystem, however, may require the time period for a different use and in a 

different 
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A problem also arises when using only local switch time in that there is no 
accommodation for time changes zone changes. 

There is also a need to match all of the call records associated with a specific telephone 
call. For exam le, for proper billing and cost control, it is necessary for the billing center 
to match the 
•P 

originating switch's call record to the terminating switch's call record. Also, for 
troubleshooting and security purposes, it may. ..zero (0) local switch time, or any other 
time. 

Epoch time is only a format and does not dictate that UTC must be used. The billing time 
and the local switch time may be in UTC or local time, and the local switch time may not 
necessarily be the same time that is used for billing. Therefore, the switch must keep 
billing time and local' switch time separate in order to prevent the problems that occur 
during daylight savings time changes. 

Network Call Identifier 

This embodiment solves call. The NCID is small enough to fit in a 32-word call 

record, thereby reducing the data throughput and storage. The NOD provides the billing 
center and other network subsystems with the ability to match originating and terminating 
call records for a specific telephone call. 
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This embodiment relates to. ..A SER is reserved for special events such as the passage of 
each hour mark, time changes, system recoveries, and at the end of a billing block. The 
SER record fori-nat is also described in more detail below. 
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Figures 36 and 37 collectively illustrate the logic that a 22) digits, including 

supplemental data, are recorded in the Authorization Code field of the call record. The 
Authorization Code field indicates a party who gets billed for the call, such as the calling 
location or a credit card call. If the data entry requires more than twenty-two (22) digits, 
the switch 1206-1210 records the billing information in an expanded record (ECDR, 
EPNR, EOSR, EPOSR) 3616. 



In a seventh check 3700 on a call 3602, a switch 1206-1210 determines if expanded 

record (ECDR, EPNR) 3708. 
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In an eighth check 3702 on a call 3602, a switch 1206-121 0 determines if the time and 
charges feature was used by an operator. The time and charges feature is typically used 
in a hotel scenario when a hotel guest makes a telephone call using the operator's 
assistance and charges the call 3602 to her room. After the call 3602 has completed, the 
operator informs the hotel guest of the charge, or cost, of the call 3602. If the time and 
charges feature was used with a call 3602, the switch 1206-1210 records the hotel guest's 

name and room number in an expanded record (EOSR stay at the maximum count if 

the time exceeds the limits. 

The switch clock reflects local switch time and is used for all times except billing. 
Billing information is recorded in epoch time, which in this embodiment is UTC. The 
Time offset is a number reflecting the switch time relative to the. ..an Event Qualifier 
equal to two which identifies that the change was made to the Local Switch Time and 
Time Offset of the switch. 

The billing center uses the SER for its bill processing. The switch proceeds to step 3810 

and 
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Figure 39 illustrates the control flow for the Change Daylight Savings Time command 

which is the and exits the command without updating the Local Switch Time and 

Time Offset. 

After the successful completion of a Change Daylight Savings Time Command, the 
billing records are affected by the new Time Offset. This embodiment allows the epoch 
time, used as the billing time, to increment normally through the daylight savings time 
change procedure, and not to be affected by the change of Local Switch Time and Time 
Offset. 

Network Call Identifier 

An embodiment provides a unique NCID that is assigned to each telephone call that 
traverses through the telecommunications network. Thus, the NCID is a discrete 
identifier among all network calls. The NCID is transported and recorded at each switch 
that is involved with the telephone call. 

The originating switch of a telephone call generates. ..current switch determines if the 
originating trunk group type is an Integrated Services User Parts Direct Access Line 
(ISUP DAL) or an Integrated Services Digital Network Primary Rate Interface (ISDN 
PRI). ISUP is a signaling protocol which allows information to be sent from switch to 
switch as infori-nation parameters. An ISUP DAL is a trunk group that primarily is 
shared by multiple customers of the network, but can also be dedicated to a single 
network customer. In contrast, an ISDN PRI is a trunk group that primarily is dedicated 
to a single network customer, but can also be shared by NCID and overwrite the 



NCID provided by the customer to ensure that a valid NOD corresponds to the call 3602 

and is sent through the network. In step 4108, if 
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the current switch is not authorized to create a new NCID for the call 3602, the current 
switch proceedstostep4110. Instep4HO...the call 3602, the current switch proceeds to step 
4418, thereby exiting the switch processing. 

A system and method for the switches of a telecommunications network to generate call 
records for telephone calls using a flexible and expandable record format. Upon receipt of 
a telephone call, a switch in the network analyzes the telephone call to determine 
whether the default call record is sufficiently 
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large to store call record information pertaining to the telephone call pertaining to the 

telephone call. After determining which call record to use, the switch generates the 
default or expanded call record. The switch sends a billing block, comprised of 
completed call records, to a billing center upon filling an entire billing block. 

Introduction To A Callback Telephony System in Accordance 
With A Preferred Embodiment 

In today's telephony environment, a caller must contact an operator to... initiated, billing 
information, and telephone numbers of parties to participate in the call could be captured- 
Then, based on the information entered, a central or distributed computing facility with 
access to the hybrid network transmits e-mail in a note to each party required for the call 
copying the other parties to verify participation and calendar the event. The e... 
...company or organization needs are also enabled and can be tailored to meet the needs 
of a particular user based on more global information. 
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Billing information would also be provided online. A user could enter a pre-arranged 
billing number or the ability to bill to a credit card or telephone number. If billing to a 
telephone number, the system treats the call like a collect or third party call to verify 
billing. 

If profile information were predefined for a particular call scenario, then another option 

would allow an immediate connection of a conference call or single call of a button, 

much as speed dialing is performed today except that more than one caller could be 
joined without intervention of the calling party, Internet callers are supported and an 
operator can be Joined as required. 

Before describing this aspect of the present invention, a description of internet 
environment is presented. 

Internet 

The Internet is a method of interconnecting physical networks and a set of conventions 
for using networks that allow the computers they reach to interact. Physically, the 
Internet is a huge, global network spanning over 92 countries and comprising 59,000 



academic, commercial, government, and military networks, according to the Government 

Accounting Office (GAO), with these numbers expected has an open nature and is 

available to everyone, meaning that it attempts to create a network protocol system that is 
independent of computer or network operating system and architectural differences. As 
such, TCP/IP protocols are publicly available in standards documents, particularly in 
Requests for Comments (RFCs). A requirement for Internet connection is TCP/IP, 
which consists of a large set of data communications protocols, two of which are the 
Transmission Control Protocol and the Internet Protocol. 

The International Telecommunication Union-Telecommunication Standardization Sector 
("ITUT") has established numerous standards governing protocols and line encoding for 
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ITU G.71 1 Recommendation for ITU G.722 Recommendation for 7kHz Audio 

Coding within a 64kbit/s channel. 

ITU G.723 Recommendation for dual rate speech coder for multimedia communication 
transmitting at 5.3 and 6.3 kbits. 

ITU G.728 Recommendation for coding of speech at 16kbit/s using low-delay code 
excited 

linear prediction dial-up telephone lines. 

ITU T. 120 Transmission Protocols for Multimedia Data. 
In addition, several other relevant standards exist including. 
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ISDN Integrated Services Digital Network, the digital communication standard for 
transmission of voice, video and data on a single communications link. 

RTP Real-Time Transport Protocol, an Internet Standard Protocol for transmission of 
real-time data like voice and video over unicast and multicast networks. 

EP Internet Protocol, an Internet Standard Protocol for transmission and delivery of 
data packets on a packet switched network of interconnected computer systems. 

PPP Point-to-Point Protocol 

MPEG Motion Pictures Expert Group, a standards body under the International Standards 
I 0 Organization(ISO), Recommendations for compression of digital Video and Audio 
including the bit stream but not the compression algorithms. 

SLIP Serial Line Internet Protocol 
RSVP Resource Reservation Setup Protocol 
UDP User Datagram Protocol 
1 5 

The popularity of the TCP/IP protocols on the Internet grew rapidly because they met an 



important need for worldwide data communication and had several important 

characteristics that allowed them to meet this need. These switching equipment within 

the telephone system seeks out a physical path from the ori inating telephone 
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to the receiver's telephone. A circuit-switched network attempts to form a dedicated 
connection, or circuit, between these two points by first establishing a circuit from the 
originating phone 
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The establishment of prerequisite to the transmission of data for circuit switched 

networks. After the circuit is in place, the microphone captures analog signals, and the 
signals are transmitted to the Local Exchange Carrier (LEC) Central Office (CO) in 
analog form over an analog loop. The analog signal is not converted to digital form... 
...the equipment is modem enough to support digital information. In an ISDN 
embodiment, however, the analog signals are converted to digital at the device and 
transmitted to the LEC as digital infon-nation. 

Upon connection, the circuit guarantees that the samples can be delivered and 
reproduced by maintaining a data path of 64 Kbps (thousand bits per second). This rate is 

not the rate required to send digitized voice the 64 Kbps path is maintained from LEC 

Central Office (CO) Switch to LEC CO, but not from end to end. The analog local loop 
transmits an analog signal, not 64 Kbps digitized audio. One of these analog local loops 

typically exists as the "last mile" of each of the telephone way to gain connection 

until some other connection terminates. Second, utilization can be low while costs are 
high. In other words, the calling party is charged for the duration of the call and for all of 
the time even if no data transmission takes place (i.e. no one speaks). Utilization... a single 
block may tie up a line for many minutes, rendering message switching useless for 
interactive traffic. 

Packet switched networks, which predominate the computer network industry, divide 
data into small pieces called packets that are multiplexed onto high capacity intennachine 
connections. A packet is a block of data with a strict upper limit on block size that carries 
with it sufficient identification necessary for delivery to its destination. Such packets 
usually contain several hundred bytes of data and occupy a given transmission line for 
only a few tens of milliseconds. 

Delivery of a larger file via packet switching requires that it be broken into many small 
packets and sent one at a time from one machine to the other. The network hardware 
delivers these packets to the specified destination, where the software reassembles them 
into a single file. 

Packet switching is used by virtually all computer interconnections because 99 

To better understand the Internet, a comparison to the telephone system is helpful. The 
public switched telephone network was designed with the goal of transmitting human 
voice, in a more or less recognizable form. Their suitability has been improved for 
computer-to-computer I 0 communications but remains far from optimal. A cable running 
between two computers can transfer data at speeds in the hundreds of megabits, and 



even gigabits per second. A poor error rate at these speeds would be only one error... 
...are connected to the individual networks, we can investigate how the networks are 
connected together to form an internetwork, or an internet. At this point, internet 
gateways and internet routers come into play. 

In terms of architecture, two given networks are connected by a computer that attaches to 
both of them. Internet gateways and routers provide those links necessary to send 
packets between networks and thus make connections possible. Without these links, data 
communication through the Internet would not be possible, as the infon-nation either 
would not reach its destination or networks over the internet. 

IP Routers are also computers that as to how to send the data packets it receives to its 

destination through the use of continually updated routing tables. By analyzing the 
destination network address of the packets, routers make these decisions. Importantly, a 
router does not 
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Now, it is useful to take a simplified look at routing of the area code and the first 

three di its of the telephone number uniquely specify an end office and help dictate the 
rate and billing structure. 

The two-wire connections between each subscriber's telephone and the end office are 

called local loops. If a subscriber attached to a given toll office, then the path will 

have to be established somewhere higher up in the hierarchy. There are sectional and 
regional offices that forin a network by which the toll offices are connected. The toll, 
sectional, and regional exchanges communicate with each other via high bandwidth inter- 
toll trunks. The number.. .and technology. 

The following three developments, each likely to become more prevalent in the near 
future, serve as an introduction to the technological arena. 

Asynchronous Transfer Mode (ATM) is a networking technology using a high-speed, 
connection-oriented system for both local area and wide area networks. ATM networks 

require modem can operate at gigabit (trillion bit) per second speeds to handle the 

traffic from many computers. 

Optical fibers (versus copper wires) that provide high data transfer rates, with host-to- 
ATM switch connections running at 1 00 or 15 5 Mbps (million bits per second). 

3) Fixed size cells, each of designed to carry voice, video, and television signals in 

addition to data. Pure packet switching technology is not conducive to carrying voice 
transmissions because such transfers demand more stable bandwidth. 

Frame relay systems use packet switching techniques, but are more efficient than 

traditional systems. This efficiency is partly due to the is an ."international 

telecommunications standard for transmitting voice, video, and data over digital lines," 
most commonly running at 64 kilobits per second. The traditional phone network runs 



voice at only 4 kilobits per second. To adopt ISDN, an end user or company must 

upgrade to ISDN terminal equipment, central office hardware now become part of 

one larger whole with concomitant increases in the level of analysis, testing, scheduling, 
and training in all disciplines of the ISP. 

Internet Service Potential 

Real-time view of the status of each conference call participant, ANI and an 
alphanumeric representation to identify each participant entered by the the appendix. 

In an alternative embodiment, a conference call without callback leg is enabled. In this, 
embodiment, a callback customer participates through a Voice Over Network (VON) 
application utilizing a computer with voice capability, and can initiate a video screen 
popup on the computer display for manual operator assistance as detailed... element. As 
with circuitswitched network elements, packet-switched event gathering and 
interpretation 

is typically performed by custom developed software interfaces which 

communicate directly with the network elements, process raw network events, and sort 

the events by context prior to storing them. As discussed above, the correlation is 

preferably provided by a a Fault Management component 4600 in accordance with a 

preferred embodiment of the present invention, The Fault Management component 4600 
records failures and exceptions in network devices (e.g. network routers or UNIX 
servers) and performs the following operations. 

1) performs root-cause correlation of the failures and exceptions; 

2) immediately takes corrective and/or 3) stores the information into a Database 

Component for later analysis by the 

Reporting Component; and 

4) allows real time viewing of faults in a network map and network event views. 
The Fault Management component 4600 includes the following elements. 
UNIX Servers 4602- Any UNIX Server with BMC Patrol clients loaded. 
NT Servers 4604 - Any NT Server with BMC Patrol clients loaded. 
SNMP Devices 4606 - Any SNMP manageable device. 

HP OV Network Node Manager (Collector Component) 4608 - HP OpenView Network 
Node Manager is one product which performs several functions. In this context it is it is 

responsible HP OpenView Network Node Manager is one product which performs 

several functions. In this context it is responsible for maintaining and displaying the node 
level network map of the network the MNSIS architecture monitors. 

HP OV Network Node Manage 4614 - HP OpenView Network Node Manager is one 
product which performs several functions. In this context it is it is responsible for 
receiving and displaying all events, regardless of their source. 
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Netcool HP OV NNM Probe 4616 - An Omnibus Netcool probe which is installed on the 
same system as HP OV Network Node Manager and forwards events to the Omnibus 
Netcool Object Server. 

Micromuse Internet Service Monitors 4618- An Omnibus Netcool suite of active probes 
(monitors) which monitor internet services such as FTP, POP3, SMTP, NNTP, DNS, 
HTTP, and RADIUS. These monitors collect availability and performance data and 
forward the information as alerts ...to provide universal information access by an object 
request broker. The object request broker allows the Information Services Manager to 
share management information stored in distributed databases. The Proactive Threshold 
Manager uses the information provided by the Information Services Manger to determine 

a current level of service and compare the current databases also provide procedures, 

policies and computer based training to network users. 

The information services manager provides requested information (real-time and 
historical) to the network users via the presentation manager. 

Presentation Manager 

The presentation manager performs the function its name implies: the 

presentation of the information to an end user Management Aspect of the present 

invention works in conjunction with other components of the system, such as Fault 
Management, to provide 

communication between the various network elements of the system, 
Figure 49 is a flowchart showing an Element Management Process 4900 in 
accordance with a preferred embodiment of the present invention. ..correlated events into 
standard object format. Once the events are translated, they are ready for use by other 
system components, such as Fault Management or Billing. 

Customer Support Structure 
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The organization model for customer service support in the NGN network 

provides a single point of contact that is customer focused... the Internet can be ided. Once 

the "free" on-line help service time or time period is up, the Internet Entry Server 

provi 

prompts the user with one or more of a plurality of options for extending the availability 
of online help. For example, the user can be prompted to enter a credit card number to 
which on-line help charges can be charged; he or she can be given the opportunity to 
answer additional survey information in return for additional "free" on-line help; or a 900 
subscriber paid telephone access number can be provided through which additional on- 
line help will be billed via the normal telephone company 900 billing cycles. 

Integrated IP Telephony User Interface 
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One embodiment of the present invention allows a user of a web application to 



communicate in an audio.. .by the fact that the data often 'des in multiple databases, each 
database having different internal file structures. 
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Rarely is the relevant information explicitly stored in the databases. Rather, the 
important 1 5 information exists only in the hidden relationships among items in the 
databases. Recently, artificial intelligence techniques have... services component 5310, or 
a web customer service component 5312. 

The present invention provides a new kind of web architecture framework (called 
"WAY" in this document) that secures, administers, and audits electronic infori-nation 
use. WAF also features fundamentally important capabilities for managing content that 
travels "across" the "information 
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highway." These capabilities comprise a nights protection solution that serves all 
electronic community members. These members include content creators and 
distributors, financial service providers, end-users, and others. WAF is the first general 
purpose, configurable, transaction control/rights protection solution for users of 
computers, other electronic appliances, networks, and the information highway. 

The Internet is a method of interconnecting physical networks and a set of conventions 
for using networks that allow the computers they reach to interact. Physically, the... way 
to gain connection until some other connection terminates. Second, utilization can be low 
while costs are high. In other words, the calling party is charged for the duration of the 
call and for all of the time even if no data transmission takes place (i.e. no one speaks). 
Utilization... concatenation of the area code and the first three digits of the telephone 
number uniquely specify an end office and help dictate the rate and billing structure. 

The two-wire connections between each subscriber's telephone and the end office are 
called local loops. If a subscriber attached to a given trunks. The number of different 
kinds of switching centers and their specific topology varies from country to country, 
depending on its telephone density. 

Using Network Level Communication for Smooth User Connection 

In addition to the data transfer ftinctionality of the Internet, TCP/IP also seeks to 

convince users that the network. The machines outside of the network do not 

participate in these internal routing decisions. 

At this stage, a distinction should be made between direct delivery and indirect delivery. 
Direct delivery is the transmission of a datagram from one machine across a single 
physical network to 1 5 another machine on the same physical network. Such deliveries 
do not involve routers. Instead, the sender encapsulates the datagram in a physical frame, 
addresses it, and then sends the frame directly to the destination machine. 

Indirect delivery is necessary when more than one physical network is involved, in 
particular when a machine on one network wishes to communicate with a machine on 



another network. 



This type of communication is what we think of when we speak of routing information 
across the Internet backbone. In indirect delivery, routers are required. To send a 
datagram, the sender, must identify a router to which the datagram can be sent, and... 
...widely to accommodate these high bandwidth services. 
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WAF supports a general purpose foundation for secure transaction management, 
including usage control, auditing, reporting, and/or payment. This general purpose 
foundation is called "WAF Functions" ("WAFFs"). WAF also supports a collection of 
"atomic" application elements (e.g., load modules) that can be. ..with capability parameter 
data to reflect the elements of one or more express electronic agreements between WAF 
participants in regards to the use of electronic content such as commercially distributed 
products. These control capabilities manage the use of, and/or auditing of use of, 
electronic content , as well as reporting information based upon content use, and any 
payment for said use. WAFF capabilities may Ifevolve" to reflect the requirements of 
one or more successive parties who receive or otherwise contribute to a given set of 
control information. Frequently, for a WAF application for a given content model (such 
as distribution of entertainment on CD-ROM, content delivery from an Internet 
repository, or electronic catalog shopping and advertising, or some combination of the 
above) participants would be able to securely select from amongst available, alternative 

control information related to the use of the object's content. A creating party may 

make a WAF container available to other parties. Control infort-nation delivered by, 
and/or otherwise available for use with, WAF content containers comprise (for 
commercial content distribution purposes) WAFF control capabilities (and any associated 

parameter data during the registration process for a content distribution application, to 

be used by such installation for securely controlling WAF content usage, auditing, 
reporting and/or payment. Similarly, a specific WAF participant may enter into a WAF 
user agreement with a WAF content or 1 5 electronic appliance provider when the user... 
...require certain one or more load modules execute as processes at an appropriate time to 
ensure that such credit will be used in order to pay for user use of the content. A certain 
content provider might, for example, require metering the number of copies made for 
distribution ...the presence of a WAF installation to run). This would require the 
execution of a metering method for copying of the property each time a copy was made 
for another employee. This same provider might also charge fees based on the total 
number of different properties licensed from them by the user and a metering history of 

their licensing of properties might models, content control models, and content usage 

information pathways, 

(2) a complete range of electronic media and distribution means, 

(3) a broad range of pricing, payment, and auditing strategies, 

(4) very flexible privacy and/or reporting models, 

(5) practical and effective security architectures, and 

(6) other administrative procedures that together with of users related to information 

regarding their usage of 

electronic information and/or appliances, 



137 

(2) societal policy such as laws that protect rights of content users or require the 
collection of taxes derived from electronic transaction revenue, and 

(3) the proprietary and/or other rights of parties related to ownership of, distribution of, 
and/or other commercial rights related to, electronic information. 

WAF can support "real" commerce in an electronic form, that is the progressive 

creation of commercial relationships that form, over time, a network of 

interrelated agreements representing a value chain business model. This is achieved in 

part by enabling content control information to develop through the 

interaction of (negotiation between) securely created and independently 

submitted sets of content and/or appliance control information. Different sets of content 

and/or appliance control information can be submitted by different parties in an electronic 

business value chain enabled by the present invention. 

These parties create control information sets through the use of their respective WAF 
installations. Independently, securely deliverable, component based control information 
allows efficient interaction among control information sets supplied by different parties. 

WAF permits multiple, separate electronic arrangements to be formed between allows 

such constituent electronic agreements, and therefore overall WAF extended agreements, 
to evolve and reshape over time as additional 

WAF participants become involved in WAF content and/or appliance control 
information handling. WAF electronic agreements may also be extended as new control 
information is submitted ...appliance use, and/or they may include "static" electronic 
assertions, such as an end-user using the system to assert his or her agreement to pay for 
services, not to pass to unauthorized parties electronic information derived from usage of 
content or systems, and/or agreeing to observe 

copyright laws. Not only can electronically reported transaction related 
information be trusted under the present invention, but payment may be 
automated by the passing of payment tokens through a pathway of payment 
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(which may or may not be the same as a pathway for reporting). Such payment 
can be contained within a WAF container created automatically by a WAF 
installation in response to control information (located, in the preferred embodiment, in 

one WAF's usage control information, for example, provide for property content 

and/or appliance related: usage authorization, 

usage auditing (which may include audit reduction), usage billing, usage 

payment, privacy filtering, reporting, and security related communication and encryption 

techniques. 

WAFIs fundamental configurability will allow a broad range of competitive electronic 
commerce business models to... of items should be easily accessible throughout the 
display catalog, such as through links. 

Optionally, multiple languages may be incorporated into the present invention and 



payment for the predetermined set of items may be accepted in any one of a plurality of 
currencies such as electronic and foreign. 

Recently, an online... basket. During the shopping, he or she examines the content of the 
shopping basket as required to check the item scheduled to purchase and the pay amount 
of the items. Accordingly, it is not necessary to always display the purchase list on the 

screen, but the functions to access to the purpose of the pending sale, customer's 

shopping habits, etc. Such information may be input directly by the user, captured as a 
user uses the network, and may be downloaded periodically from a user's system. Next, 
in operation 5601, a plurality of items for purchase are displayed, from which the 
customer is allowed to select multiple, similar items, i.e. products or services to compare 
in 1 5 ...5904. If no keywords match, the user's words could be analyzed using a 
thesaurus to find keyword 1 5 matches in operation 5906. A payment is then accepted in 
exchange for the solution in operation 5810 of Figure 58, as will be discussed in more 

detail below. It should be availability may be determined with respect to the selected 

items and the selected features thereof for display purposes in operation 6006. Further, in 
operation 6008, payment is accepted in exchange for the selected items and the selected 
features thereof. It should be noted that in the foregoing description, the items 
each... application logic or presentation, 

Another company, Open Market, is developing a similar electronic catalog 
system consisting of a HyperText Markup Language (HTML) authoring tool 
(called Storebuilder), and a server (called Webserver) connected to an integrated back- 
end commerce system (called TransactionLink). This system appears to 
share similar characteristics and disadvantages as the Netscape system, 
Any of the foregoing types of browsers may employed to access various databases via the 
Internet in order to conduct electronic commerce-related business. 

Typical database or file-based shopping cart systems require that the user be uniquely 
identified in order to associate particular data stored on the server with a particular user. 
This requires the user to log-in or create an account, which is 25 @ then stored in the 
server. Each subsequent request from the user must reference the unique identifier, either 
in the uniform resource locator (URL) or as hidden data passed back through a form 

submission. Either of these data processing center, to take orders for goods or 

services from customers and transmit them for processing to the central data processing 
center, to accept payment, and to deliver goods or services in the form of documents to 
the customer when orders are completed. 

The central data processing center is also trip or 
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vacation which is periodically updated via a communication link with the remote control 
center. The self-service terminal normally operates off-line. 

Payment for items purchased over the Internet is also a concern. Today, 
approximately 350 billion coin and currency transactions occur between 
individuals and institutions every year. The extensive use of coin and currency 
transactions has limited the automation of individual... which are used primarily by large 



commercial organizations. 



The Automated Clearing House ("ACH") where a user can enter a preauthorized code 
and download information with billing occurring later, and a Point Of Sale (POS) system 
where a transaction is processed by connecting with 
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a central computer for authorization for the transaction granted or denied 
immediately are examples of EFT systems that are utilized by retail and 
commercial organizations. 

Home Banking bill payment services are examples of an EFT system used by 
individuals to make payments from a home computer. Currently, home banking 

initiatives have found few customers a trend towards off-line payments. For 

example, numerous ideas have been proposed for some form of "electronic 
money" that can be used in cashless payment transactions as alternatives to the 
traditional currency and check types of payment systems, 
The more well known techniques include magnetic stripe cards purchased for a 

given amount and from which a prepaid value can be deducted for for specific 

purposes. 

155 

It is desirable for a computer operated under the control of a merchant to obtain 
information offered by a customer and transmitted by a computer operating under the 
control of the customer over a publicly accessible packet- switched network (e.g., the 
Internet) to the computer operating under the control of the merchant, without risking 
the exposure of the information to interception by third parties that have access to the 
network, and to assure that the information is from an authentic source. It is further 
desirable for the merchant to transmit information, including a subset of the information 
provided by the customer, over such a network to a payment gateway computer system 
that is designated, by a bank or other financial institution that has the responsibility of 
providing payment on behalf of the customer, to authorize a commercial transaction on 
behalf of such a financial institution, without the risk of exposing that information to 
interception by third parties. Such institutions include, for example, financial institutions 
offering credit or debit card services. 

Such secure payment technologies include Secure Transaction Technology 

("STT"), Secure Electronic Payments Protocol ("SEPP"), Internet Keyed 

Payments ('WP"), Net Trust, and Cybercash Credit Payment Protocol. One of ordinary 

skill in the art readily comprehends that any of the secure payment 

technologies can be substituted for the SET protocol without undue 

experimentation. Such secure payment technologies require the customer to 

operate software that is compliant with the secure payment technology, 

interacting with third-party certification authorities, thereby allowing the customer to 

transmit encoded information to a merchant, some of which may be 

decoded by the merchant, and some which can be decoded only by a payment 

gateway specified by the customer, 



Another such attempt to provide such a secure transmission channel is a generalpurpose 

secure communication protocol such as Netscape, Inc connection supports only a 

two-computer connection. Therefore, SSL does not provide a mechanism for transmitting 
encoded information to a merchant for retransmission to a payment gateway such that a 
subset of the information is readable to the payment gateway but not to the merchant. 
Although SSL allows for robustly secure two-party data transmission, ...comprehends 
that any of the general-purpose secure communication protocols can be substituted for the 
SSL transmission protocol without undue experimentation. 

Banks desire an Internet payment solution that emulates existing Point of Sale (POS) 
applications that are currently installed on their host computers, and require minimal 
changes to their host systems. This is a critical requirement since any downtime for a 
banks host computer system represents an enormous 
expense. Currently, VeriFone supports over fourteen hundred different 
payment-related applications. The large number of applications is necessary to 
accommodate a wide variety of host message formats, diverse methods for 
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communicating to a variety of hosts with different dial-up and direct-connect schemes, 
and different certification around the world. In addition, there are a wide variety of 

business processes that dictate how a Point of Sale (POS) terminal queries a utilizing 

the bank's proprietary protocol, and by providing other value-added services that a 
merchant may not be able to obtain at another bank. 

Internet-based payment solutions require additional security measures that are 
not found in conventional POS terminals. This additional requirement is 
necessitated because Internet communication is done over publicly-accessible, 
unsecured communication line in stark contrast to the private, secure, dedicated phone or 
leased line service utilized between a traditional merchant and an acquiring bank. Thus, it 
is critical that any solution utilizing the Internet for a communication backbone, employ 
some form of cryptography. 

As discussed above, the current state-of-the-art in Internet based payment processing is 
a protocol referred to as SET. Since the SET messages are uniform 
across all implementations, banks cannot differentiate themselves in any 
reasonable way and thus cannot easily develop and maintain an online presence. 

One way a company can contact millions of potential customers is to use the global 
Internet. The global Internet is a network of computer networks that links together 
millions of computer systems using the well defined TCP/IP protocol. 

A new method of distributing and viewing information known as the Worldwide Web 
has recently become very popular on the global Internet. The Worldwide Web is a 
collection of servers connected to the Internet that provide multimedia information to 
users that request the information, The users access the information using client programs 
called "browsers" to display the multi-media information. 
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World-Wide Web servers store multi-media information in a document format 
known as HyperText Markup Language (HTML). The World-Wide Web servers 
distribute the HTML formatted documents using a specific communication 
protocol known as the HyperText Transfer Protocol (HTTP). 

To access the multi-media information available on World-Wide Web servers, a 
user runs a client browser program that accesses the HTML formatted 
documents stored on the HTTP servers connected to the global Internet. The client 
browser program retrieves the formatted information and provides the information in an 

appropriate manner to the user. For example, the client browser program samples 

using the speakers on the user's computer system. "Mosaic", one popular client browser 
program, is widely available to the users of the global Internet. 

For a company that wishes to develop an online presence, creating a World-Wide Web 
Server would provide a feature rich online service available to... World- Wide 
Web Servers can be implemented on relatively simple computer systems, 
including personal computers. 

Most World-Wide Web Servers are coupled to the global Internet. By deploying a 
World-Wide Web Server on the global Internet a company would create online 
service that is accessible to the millions of global Internet users, 
Alternatively, a company can deploy a HTTP server that is available to 
customers through dial-up phone service. A dial-up HTTP server would be 
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accessible to customers and clients that do not have Internet access, Thus, by creating a 
simple HTTP server, any organization or corporation can create an online presence. 

However, quickly creating the HTML formatted documents required iv) discussion 

groups. 

The ability to perform commercial transactions that involve order entry systems 
transactions can be carried out simply by logging onto a computer network. 

Four different types of commercial transactions might commonly occur in a commercial 

online service. First, a user may be charged for the right to access the user for 

performing some type of action such as winning a contest or completing a marketing 
survey. Third, an online service may charge a content provider for placing certain 
information on the online service. For example, a content provider can be charged for 
placing an advertisement on the online service. Finally, a content provider can be paid by 
the online service for providing information that users may wish to access, can be can be 
provided on a for-fee basis. Conversely, an online service provider may wish to pay third 
party content providers for placing useful material on the online service. 

Thus, when creating a publicly accessible online system, it is desirable to include the 
ability to time, or according to the premium paid by the advertiser. A user is 



permitted to select the items for purchase, as indicated by operation 6104. Payment is 
then accepted in exchange for the selected items in operation 6105. While the virtual 

shopping environment is being used, advertisement information may be displayed to 

the user based on the profile of the user. This is particularly useful where the 
advertisements are being rotated. Then the advertiser would be billed based upon the 
number of times its advertisement was shown Note that the items each include ...cross- 
selling, up-selling, advertisements, and promotions are linked to pages containing greater 
detail or to a purchasing area. 

The use of advertising revenues to pay for information dissemination is well established 
in domains such as television and radio in which end users are tuned to a continuous 

signal over a listen to a program or to otherwise receive information. Furthermore, in 

virtually all such systems or media, the juxtaposition or placement of 
advertisements and information content is explicitly programmed or determined 
by human beings working as "editors" or in a similar content and/or 
presentation editing capacity. 

Distributing information via the Internet or other publicly accessible computer 
communication networks has been largely unsupported by advertising revenues due to 
the lack of good mechanisms for mixing advertising and information content in such a 
way as to be acceptable to both end users and advertisers. 

There are, of course, some exceptions where advertising/content mixtures from other 
contexts, such as newspapers and television, have been simply replicated on the 
Internet. For instance, some newspapers have been "published" at least in part on the 
Internet, and include advertisements along with information content. 

In fact, some newspapers sell advertising space on an associated World Wide Web 

(WWW) site, which often includes Further, the user is allowed to select the items for 

purchase in operation 6308. Factors that are tailored include price and availability of the 
items. Payment is then accepted in exchange for the selected items in operation 6310, as 
discussed in more detail below. 
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The virtual shopping environment may be... pricing is controlled by the stock market. 

The current wide-ranging use of computer systems provides a relatively large potential 
market to providers of electronic content or information. These 
providers may include, for example, advertisers and other information 
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publishers such as newspaper and magazine publishers. A cost, however is 
involved information in the servers current. 

One source which can be accessed to provide the monetary resources necessary 
to establish and maintain such an electronic information network is the 
individual end users which consume the electronic information. This electronic 



information, however, has different value to different users. For example, some users 

will advertisements, cognizant of the fact that consuming these advertisements 

will subsidize their electronic content consumption fees, 
ORDERPLACEMENT 

Collects user infori-nation for order processing (shipping, billing) 
Recaps order for confirmation (shipping, price, availability) 
Allows for order maintenance (qty, product, shipping) 
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Referring to operation 5414 of Figure 54, another embodiment of receives an order 

for at least one of the products and services. User information- is collected for order 
processing, including an address for delivery and billing. In the alternative, a user may 
enter an alphanumeric code representative of a source of currency, such as a credit card 
number or bank account... such as by taking into account handling costs, the total weight 
of the items, the distance to final destination of the items, and the corresponding charges 
of the shipping provider. An estimate of the delivery date may also be given. It should be 

noted that mileage and the like could be of the invention processes transactions 

pertinent to the purchase of items. For example, credit card transactions are processed, as 
are purchase order transactions. A structured payment plan may also be created. 

The actual order is placed with a fulfillment house for physical shipping of a product, or 
the order is placed... allows the vendor to 

prohibit unauthorized usage of the software that might facilitate unauthorized copying. In 
addition, licensing provides an advantageous method of providing and billing for 
software. Through licensing, the vendor may sell several identical copies of the same 
software and charge the buyer for each copy . 

Licensing schemes have adapted to the network environment as well as the individual 
personal computer. In a network environment, such as a client-server network, multiple 
users may access the same copy of a particular application. Consequently, the vendor can 
charge the network owner not for the number of copies installed on the network, but for 
the number of users having access to the software. 

Software controlling access to software on a network. 

Electronic licensing typically comprises providing a set of criteria under which a request 
for an application from the server should be granted. One licensing system uses a fixed 
set of licenses controlled by a license server. The license information is maintained in a 
license database, along with information regarding which applications are in use and 
how many units are still available. 

The information in the database may be encrypted to prevent forgeries. When an 
application is desired, the application commences running. Code embedded in the 

application initially requests individual servers provide resources at the client's 

request. To facilitate such licensing, the application typically includes a library of 
programs designed to contact the server, request a license, and track the resulting license. 



When a call is made to a server , all of the execution occurs on each individual server 
for any particular call. Similarly, if a license is located on a particular machine, all 
execution necessary to operate on that license occurs on that machine. Consequently, a 
central server containing most of the licenses available on a particular network is mainly 
responsible for maintaining the licenses. 

In addition, conventional licensing systems rely on code embedded in the application to 
establish the licensing attributes. Code is placed in the application which interprets 
information received from the server to establish licensing parameters. Because the 
behavior of the license is not established until after the request has been made and the 
license obtained, the. ..lack of accountability. 

As computers have proliferated in availability, the investment in computer software has 
also grown, and there have been developed various methods for charging the computer 
user for use of computer software products. Typically computer software products are 

licensed, rather than sold, to the computer user under various arrangements are for 

indefinite periods of time, a license may also be for a limited duration and extendable, so 
that the entity marketing the product can charge a periodic fee (for example, annually) 
for use of the software product. Or use may be absolutely time-limited (for example, one- 
day), so that together over a data path), additional licensing challenges are present. 

For example, a network may permit a user at one node (which may be a terminal or 
workstation, for instance) to utilize a software product running at another node (which 
may be the network server or even another workstation). 

Consequently, the terms of the single-computer type of software license might not 

cover worse still (from the point of view of the licensor) might actually permit such a 

usage without additional compensation to the licensor. One approach to network 
licensing is to grant permission to use the program based on all of the nodes on the 
network, and to require a license for each node. Then typically the license fee may be 
increased as the number of nodes on the network increases. Another approach bases the 
license fee for a software product running on a network on the total number of individual 
users who might actually run the software, regardless of the number of nodes either on 
the network or running the software product at a given time. These approaches, however, 
have usually required the cooperation of the licensee, because additional nodes may be 
added to the network, or additional users may utilize the software, without the 
knowledge of the licensor, who is typically not present on the premises of the licensee. 

The site, but such an audit is intrusive, expensive, and 

may alienate potential or actual customers for licenses. Although other 

approaches exist under which one might charge a single fee per server or per site or per 

entity, often on an individually negotiated basis, these approaches are often impractical or 

inflexible, in wide variation over time in the number of nodes or users and also 

require reliance on licensee cooperation. 

Recently it has become practical in some network environments to determine and limit 

the number of nodes that may access a software product at a given time, 
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and to charge a license fee based on the maximum number of nodes that are permitted to 
use the software product concurrently. 

This is called "concurrent licensing". In these environments, a computer 
program, acting as "librarian" and running on a computer node designated as a license 
server, is typically used to distribute license keys (sometimes called "tokens") over the 
network to nodes requesting access to run a software product; the number of keys is 

tracked by the librarian; and if at a given time, the rights protection for, electronic 

agreements implemented through the use of the present invention. Such agreements may 
involve one or more of(l) creators, publishers, and other distributors, of electronic 
information, 
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(2) financial service (e.g. credit) providers, 

(3) users of (other than financial service providers) information arising from content 
usage such as content specific demographic information and user specific descriptive 
information. Such users may include market analysts, marketing list compilers for direct 
and directed marketing, 

and government agencies, 

(4) end users of content, 

(5) infrastructure service and device providers such as telecommunication companies and 
hardware manufacturers (semiconductor and electronic appliance and/or other computer 

system manufacturers) who receive to support the various underlying agreements 

between parties that comprise this extended agreement. These agreements can define 
important electronic commerce considerations including. 

(1) security, 

(2) content use control, including electronic distribution , 

(3) privacy (regarding, for example, information concerning parties described by medical, 
credit, 

tax, personal, and/or of other forms of confidential information), 

(4) management of financial processes, and 

(5) pathways of handling for electronic content, content and/or appliance control infon- 
nation, electronic content and/or appliance usage information and payment and/or credit. 

WAF agreements may define the electronic commerce relationship of two or more parties 
of a value chain, but such agreements may, at.. .pathways (chains) for: the handling of 
content, content and/or appliance control information, reporting of content and/or 
appliance usage related infori-nation, and/or payment, (3) supporting an evolution of 
terms and conditions incorporated into content control 
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(4) support the combination of multiple pieces of content to form new displaying the 

result. Further, the status of an invoice may be checked in real time for, for example, 
permitting a user to determine whether a payment has been received and the like. 

Any problems encountered relating to the order or shipping of the order are result in 
proactive notification of the and having a July 1996 issue date is indistinguishable 



from other 30-year treasuries having the same properties. Accordingly, the price buyers 
are willing to pay and sellers willing to accept defines the market price of all 30year 
treasury bonds of that same vintage, allowing a source transparent application of open... 
...by the United States Government are known as U.S. 

treasuries. These instruments typically span maturity ternis at issue of 13 to 52 weeks (T- 
bills), one to ten years (notes), and up to 30 years (bonds). The T-bills are.pure discount 
securities having no coupons. Almost all other treasuries having longer ternis are coupon 
notes or bonds, with a defined payment cycle of semi-annual payments to the holder. 

Treasuries have characteristic properties that make them especially useful for the purpose 
of the present invention and.. .of following transactions. To properly track activity, a trade 
generates a (virtual and/or real) single trade ticket-with associated, and screen-displayed, 
reference number. 

CONTENT CHANNEL-RELATED WEB APPLICATION SERVICES 
As illustrated in Figure 53 and denoted by reference numeral 5302, another embodiment 
of the present invention is provided for affording a combination of content channel- 
related web application services. More detail is given in Figure 66. Various features are 
included such as downloading data in operation 6600 and transmitting data, such as 
push-technology data, based on user specifications in operation 6602. In operation 6604, 
a plurality of newsgroups are also provided to which users may subscribe. Content 
subscriptions are also available. Answers are provided to frequently asked questions 
(FAQ's) relating to the content -related web application services. See operation 6606. 
Further, in operation 6608, real time communications are enabled between a plurality of 

users. In use, the transmission If an error occurs during downloading, the download 1 

5 is restarted. These features greatly facilitate transactional dependent downloads. 

PUSH TECHNOLOGY CAPABILITIES 

Sends messages or content to customers proactively 

Allows for delivery and receipt of custom applications developed in all major languages- 
(i.e. 

.Visual Basic, C++, Java) 

Receives, installs, and launches applications automatically without user intervention 
Utilizes plug-ins allowing developers to personalize applications and content 
Performs informal hardware and software audits 
Delivers self-updating applications 

Referring to operation 6602 of Figure 66, push-technology data is transmitted based on 
user specifications. Preselected messages and content may be sent to customers 
proactively. 

Furthennore, applications could be received, installed, and launched automatically 

without user intervention. For example, a software update could be user's computer 

and installed immediately when it becomes available. Also, informal hardware and 
software audits could be performed automatically or at predetermined intervals. 



Ideally, delivery and receipt of applications developed in a variety of programming 
languages, such as VISUAL BASIC, C++, and JAVA, is allowed. Plug-ins may also be 
utilized to allow developers to personalize applications and content. 
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DISCUSSION FORUMS AND NEWSGROUPS 
Securely handles all media types (e.g. graphics, audio, etc.) 

Links to web pages for easy access to published documents... Notifies users if another 
user is on-line 

Provides free forin discussion area 
Allows for moderated chat sessions 

Chat capabilities could be included in the content channels component of the present 
invention. 

Note operation 6608 of Figure 66. Such capabilities would permit collaborative web 

touring and URL pasting, for such things tracks outbound messages 

Automates regular communication triggered by events 
Tracks email responses for campaign management statistics 
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In operation 6610, shown in Figure 66, the content channels component of the present 
invention also permits generation of messages which may be sent to selected users at 

predetermined times or automatically upon occurrence Other messages would be 

queued in mailboxes for response. All or selected messages may be stored to build a 
customer interaction history. 

DYNAMIC RENDERING 

Displays content and applications based on profile 

Pulls content from multiple data sources: static, database, third party site 

Matches content to users via configurable business rules 

Allows custom template based publishing 

The content channels component of the present invention also provides for generic and 
custom are provided, as are forms to enter resources. 

Also listed are interview times and locations as well as campus recruiting dates. Resumes 
are accepted and stored to be later accessed by potential employers, or are routed to an 
appropriate destination. The resumes may be sorted based on keyword search or 
area... provided to each user based on profile data of that user in operation 6704. Further, 
static and dynamic information of interest is provided to a plurality of users having 
similar profile data in operation 6704. Information is also located on a network of 

databases, i.e. the Internet, as a function level, stated profession, etc. as well as 

preferences of the user. Figure 23B illustrates one method for developing a user profile. 

In operation 6900, user information such as search requests, shopping events, and 

browsing habits may be collected by the system or by the user's computer for 
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6803. 



For website, it would highlight first the software and hardware 

performance/requirements specs and next the return on investment. At a higher level, 
with the same customer, if he were searching for a word processor software, then the 

profile would present a review of the best software for accounting firins as written or 

business needs Provides dynamic content and applications to people with similar 
preferences or business needs 

Communities can be created by configurable business rules 

The customer relationship management component of the present invention, in operation 
6702, provides static content and applications to people with similar 
preferences and business needs. Dynamic content... 
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Detailed Description: 

...to verify compliance/ non-compliance to Service Level Agreements (SLA). The process 
provides sufficient usage information for rating and billing. 



This process ensures that the Network Performance goals are tracked, and that 
notification is provided when they are not met (threshold exceeded, performance 



degradation). This also includes thresholds and specific requirements the hybrid 

network. 

Further, in step 1406, billing rates and discounts are determined based on the status of the 
hybrid network. 

In addition to the Network Data Management 1300 generating billing events, the present 
invention also uses a Customer Interface Management process 132, as shown in Figure 
15, to directly interact with customers and translate customer requests and inquiries into 
appropriate "events" such as, the creation of an order or trouble ticket or the adjustment 
of a bill. This process logs customer contacts, directs inquiries to the appropriate party, 
and tracks the status to completion. In those cases where customers are given direct 
access to service management systems, this process assures consistency of image across 
systems,, and security to prevent a customer from harming their network or those of 
other 

customers. The aim is to provide meaningful and timely customer contact 
experiences as frequently as the customer requires. 

Figure 16 is encompasses monitoring, managing and 

reporting of quality of service as defined in Service Descriptions, Service Level 
Agreements (SLA), and other service-related documents. It includes network 
performance, but also performance across all of service parameters, e.g., Orders 
Completed On Time. Outputs of this process are standard (predefined) and 
exception reports specific service. 

Figure 20 is a flowchart illustrating a Service Quality Management Process in accordance 
with a preferred embodiment. First, in step 2000, a hybrid network event is received that 
may include forecasts, quality objectives, available capacity, service problem data, 
quality of service violations, performance trends, usage trends, problem trends, 

maintenance notification of a problem within a hybrid network is received by the 

system. Next, in step 2202, a 

resolution for the problem within the hybrid network is determined. The 
resolution may include a status report, resolution notification, problem reports, service 
reconfiguration, trouble notification, service level agreement violations, 
and/or outage notification. Finally, in step 2204, the progress of the 
implementation of the resolution is tracked. 

The Problem Handling Process 1502 and the Network Data Management 1300 feed 
information to the Rating and Discounting Process 1306, as shown in Figure 23. This 

process applies the correct rating rules to on a customer-by-customer basis, as 

required. It also applies any discounts agreed to as part of the Ordering Process, for 
promotional discounts and charges, and for outages. In addition, the Rating and 
Discounting Process 1306 applies any rebates due because service level agreements were 
not met. The aim is discounts, promotions and credits. 

Figure 24 is a flowchart illustrating Rating and Discounting Process in accordance with a 



preferred embodiment. First, in step 2400, hybrid network customer usage information is 
received. In step 2402, network service level agreement violations are collected, and, in 
step 
74 

, network quality of service violations are received by the Rating and Discounting 
system. 

Next, in step 2406, rating rules are applied to the network customer usage information. 
Further, in step 2408, negotiated discounts are determined based on the network quality 
of service violations and, in step 2410, rebates are determined based on the network 
service level agreement violations. Thereafter, in step 2412, billing data reflecting the 
usage information, the negotiated discounts, and the rebates is provided to generate a 
customer invoice. 

Utilizing infon-nation from the Rating and Discounting Process 1306, the Invoice and 
Collections Process 1504, as shown in Figure 25, creates correct billing information. This 
process encompasses sending invoices to customers, processing their payments and 
performing payment collections. In addition, this process handles customer inquiries 
about bills, and is responsible to resolve billing problems to the customer's satisfaction. 
The aim is to provide a correct bill and, if there is a billing problem, resolve it quickly 
with appropriate status to the customer. An additional aim is to collect money due the 

service provider in a professional and customer is also able to notify the provider 

directly should such an event occur. 

Figure 27 is a flowchart illustrating media communication over the hybrid network of 
the present invention. When a customer initiates a use of the hybrid network, the hybrid 
network, in a first step 2700, transfers the media over the network using IP information 
to route it to the appropriate destination. The media transferred over the network may 
be telephony data, image data, or any other data capable of packet switched transmission. 

In a second step 2702, events are generated based on of the media transfer. As 

discussed above with reference to Figure 17 and Figure 19, these events include 
performance notifications due to SLA violations, and 

customer generated events from the Customer Interface Management Process 
1500, 

In a third step 2704, the events generated in step 2702 are utilized to generate a bill for 
the customer. In addition to normal billing for service provided via the hybrid network, 
the bill is modified based on events generated during the media transfer. For example, 

events representing SLA violations are used to credit customers. As discussed into the 

switch from the same location of origin. This group of ports is the originating trunk 
group. After processing an incoming call, the switch transmits the call to a destination 
location, which may be another switch, a local exchange carrier, or a private branch 
exchange. The call is transmitted over a transmission line referred to as the terminating 
port, or trunk. Similar to the originating port, the terminating port is one of a group... 
...group. 



Contemporary telecommunication networks provide customers with the capability of 
using the general public network as well as the capability of defining a custom virtual 
network (VNet). 

With a VNet, a customer defines a private dialing plan, including plan telephone 

numbers. A VNet customer is not limited to the default telephone fields recording 

local time in three (3) second increments where local switch time represents the time of 
day at a switch. The I d other network subsystems. 

t mepoint fields are used by the network switches, billing center, an 

Each subsystem, however, may require the time period for a different use and in a 

different fori-nat, such as in an epoch time forinat. Epoch time is the number of one (1) 

second increments since a particular date and time in history. For example, the billing 

center requires epoch time 
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for its billing records whereas switch reports and error logs require local switch time. 

A problem also arises when using only local switch time in that there is match all of 

the call records associated with a specific telephone call. For example, for proper billing 
and cost control, it is necessary for the billing center to match the originating switch's 
call record to the terminating switch's call record. Also, for troubleshooting and security 
purposes, it may be necessary to trace a specific telephone call through the network with 
ease in order to isolate problem areas. 

Therefore, there is a need for switches of a telecommunications network to uniquely 
identify each telephone call that traverses the network, thereby uniquely identifying all of 
the call records associated with a specific telephone call. 

An... zero (0) local switch time, or any other time. 

Epoch time is only a format and does not dictate that UTC must be used. The billing time 
and the local switch time may be in UTC or local time, and the local switch time may not 
necessarily be the same time that is used for billing. Therefore, the switch must keep 
billing time and local switch time separate in order to prevent the problems that occur 
during daylight savings time changes. 

Network Call Identifier 

This embodiment solves call. The NOD is small enough to fit in a 32-word call 

record, thereby reducing the data throughput and storage. The NCID provides the billing 
center and other network subsystems with the ability to match originating and terminating 
call records for a specific telephone call. 

79 

This embodiment also provides... A SER is reserved for special events such as the passage 
of each hour mark, time changes, system recoveries, and at the end of a billing block. 
The SER record forinat is also described in more detail below. 



Figures 36 and 37 collectively illustrate the logic that a switch uses to 22) digits, 

including supplemental data, are recorded in the Authorization Code field of the call 
record. The Authorization Code field indicates a party who gets billed for the call, such 
as the calling location or a credit card call. If the data entry requires more than twenty- 
two (22) digits, the switch 1206-1210 records the billing infori-nation in an expanded 
record (ECDR, EPNR, EOSR, EPOSR) 3616. 

In a seventh check 3700 on a call 3602, a switch 1206-1210 determines... channels. 

Therefore, to indicate which, and how many, of the 

provi 

twenty-four channels is used during a wideband call, the switch records the channel 
information in an expanded record (ECDR, EPNR) 3708. 

In an eighth check 3702 on a call 3.602, a switch 1206-1210 determines if the time and 
charges feature was used by an operator. The time and charges feature is typically used 
in a hotel scenario when a hotel guest makes a telephone call using the operator's 
assistance and charges the call 3602 to her room. After the call 3602 has completed, the 
operator informs the hotel guest of the charge, or cost, of the call 3602. If the time and 
charges feature was used with a call 3602, the switch 1206-1210 records the hotel guest's 

name and room number in an expanded record (EOSR on another date/time. In the 

records, Timepoint I represents the epoch time that is the origination time of the call 
3602. The other timepoint stored in the records are the number of seconds after 
Timepoint 1, that is, they are offsets from Timepoint I that a particular timepoint 
occurred. All stay at the maximum count if the time exceeds the limits. 

The switch clock reflects local switch time and is used for all times except billing. 
Billing information is recorded in epoch time, which in this embodiment is UTC. The 
Time offset is a number reflecting the switch time relative to the.. .an Event Qualifier 
equal to two which identifies that the change was made to the Local Switch Time and 
Time Offset of the switch. 

The billing center uses the SER for its bill processing. The switch proceeds to step 3810 
and exits the command. Referring back to step 3806, if the switch operator does not 

verify the changes and exits the command without updating the Local Switch Time 

and Time Offset. 

After the successful completion of a Change Daylight Savings Time Command, the 
billing records are affected by the new Time Offset. This embodiment allows the epoch 
time, used as the billing time, to increment normally through the daylight savings time 
change procedure, and not to be affected by the change of Local Switch Time and Time 
Offset. 
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Network Call Identifier 

An embodiment provides a unique NCID that is assigned to each telephone call that 



traverses through the telecommunications network. Thus, the NCID is... Switch IID is the 
NCS Switch ID, not the alphanumeric Switch ID as recorded in the SER call record. If 
the AuthCode is used for other information, the intermediate and terminating switches 
record the NCID in the 64- word call record format. In contrast, originating switches do 
not use the AuthCode... the call 3602, the current switch proceeds to step 4418, thereby 
exiting the switch processing. 

A system and method for the switches of a telecommunications network to generate call 
records for telephone calls using a flexible and expandable record format. Upon receipt of 
a telephone call, a switch in the network analyzes the telephone call to determine 
whether the default call record is sufficiently large to store call record information 

pertaining to the telephone call, or pertaining to the telephone call. After determining 

which call record to use, the switch generates the default or expanded call record. The 
switch sends a billing block, comprised of completed call records, to a billing center 
upon filling an entire billing block. 
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Introduction To A Callback Telephony System in Accordance 
With A Preferred Embodiment 

In today's telephony environment, a caller must contact an operator from a computer 

and filling out information describing the parameters of a call. Information such as the 
date and time the call should be initiated, billing information, and telephone numbers of 
parties to participate in the call could be captured. Then, based on the information 
entered, a central or distributed computing facility with access to the hybrid network 
transmits e-mail in a note to each party required for the call copying the other parties to 

verify participation and calendar the event. The e or organization needs are also 

enabled and can be tailored to meet the needs of a particular user based on more global 
infori-nation. 
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Billing information would also be provided online. A user could enter a pre-arranged 
billing number or the ability to bill to a credit card or telephone number. If billing to a 
telephone number, the system treats the call like a collect or third party call to verify 
billing. 

If profile information were predefined for a particular call scenario, then another option 

would allow an immediate connection of a conference call or single call of a button, 

much as speed dialing is performed today except that more than one caller could be 
joined without intervention of the calling party, Internet callers are supported and an 
operator can be joined as required. 

Before describing this aspect of the present invention, a description of internet 
environment is presented. 

Internet 

The Internet is a method of interconnecting physical networks and a set of conventions 



for using networks that allow the computers they reach to interact. Physically, the 
Internet is a huge, global network spanning over 92 countries and comprising 59,000 
academic, commercial, government, and military networks, according to the Government 

Accounting Office (GAO), with these numbers expected speed communication links 

between major supercomputer sites and educational and research institutions within the 
U.S. and throughout the Protocols govern the behavior along the Internet backbone and 
thus set down the key rules for data conu-nunication. Transmission Control 

Protocol/Internet Protocol (TCP/IP) has an open nature and is Internet connection is 

TCP/IP, which consists of a large set of data communications protocols, two of which are 
the Transmission Control Protocol and the Internet Protocol. 

The International Telecommunication Union-Telecommunication Standardization Sector 
("ITUT") has established numerous standards governing protocols and line encoding for 
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telecommunication devices. Because many of these standards are referenced throughout 
this document, summaries of the relevant standards are listed below for reference. 

ITU G.711 Recommendation for Pulse Code Modulation of 3kHz Audio Channels. 

ITU G.722 Recommendation for 7kHz Audio Coding within a 64kbit/s channel. 

ITU G.723 Recommendation for dual rate speech coder for multimedia communication 
transmitting at 5.3 and 6.3 kbits. 

ITU G.728 Recommendation for coding of speech at 16kbit/s using low-delay code 
excited 

linear prediction media. 

An understanding of how infori-nation travels in communication systems is required to 
appreciate the recent steps taken by key players in today's Internet backbone business. 
The traditional type of communication network is circuit switched. The U.S. telephone 
system uses such circuit switching techniques. When a person or a computer makes a 
telephone call, the switching equipment within the telephone system seeks out a physical 
path from the originating telephone to the receiver's telephone. A circuit-switched 
network attempts to form a dedicated connection, 
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or circuit, between these two points by first establishing a circuit from the originating 
phone through the local are transmitted to the Local Exchange Carrier (LEC) Central 
Office (CO) in analog form over an analog loop. The analog signal is not converted to 

digital form the equipment is modem enough to support digital information. In an 

ISDN embodiment, however, the analog signals are converted to digital at the device and 
transmitted to the LEC as digital information. 

Upon connection, the circuit guarantees that the samples can be delivered and 
reproduced by maintaining a data path of 64 Kbps (thousand bits per second)- This rate is 
not the rate required to send digitized voice the 64 Kbps path is maintained from LEC 



Central Office (CO) Switch to LEC CO, but not from end to end. The analog local loop 
transmits an analog signal, not 64 Kbps digitized audio. One of these analog local loops 
typically exists as the "last mile" of each of the telephone network circuits to attach the 
local telephone of the calling party. 

This guarantee of capacity is the strength of circuit- switched networks. However, circuit 

switching has way to gain connection until some other connection terminates. 

Second, utilization can be low while costs are high- In other words, the calling party is 
charged for the duration of the call and for all of the time even if no data transmission 

takes place (i.e. no one speaks). Utilization very high quality codecs are available that 

can encode voice using less than one-tenth of the bandwidth of 
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PCM. However, the circuit switched network blindly allocates 64 Kbps of bandwidth for 
a call, end-to-end, even if only one-tenth of the bandwidth is utilized. Furthermore, each 

circuit a single block may tie up a line for many minutes, rendering message 

switching useless for interactive traffic. 

Packet switched networks, which predominate the computer network industry, divide 
data into small pieces called packets that are multiplexed onto high capacity intermachine 
connections. A packet is a block of data with a strict upper limit on block size that carries 
with it sufficient identification necessary for delivery to its destination. Such packets 
usually contain several hundred bytes of data and occupy a given transmission line for 

only a few tens of milliseconds larger file via packet switching requires that it be 

broken into many small packets and sent one at a time from one machine to the other . 
The network hardware delivers these packets to the specified destination, where the 
software reassembles them into a single file. 
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Packet switching is used by virtually all computer interconnections was delivered 

before forwarding. Today, message switching is no longer used in computer networks 
because of the superiority of packet switching. 

To better understand the Internet, a comparison to the telephone system is helpful. The 
public switched telephone network was designed with the goal of transmitting human 
voice, in a more or less recognizable fori-n. Their suitability has been improved 
for.computer-to-computer communications but remains far from optimal. A cable 
running between two computers can transfer data at speeds in the hundreds of ...be 1 1 
orders of magnitude better than a voice-grade telephone line. New technology, however, 
has been improving the performance of these lines. 

The Internet is composed of a great number of individual networks, together forming a 
global connection of thousands of computer systems. After understanding that machines 
are connected to the individual networks, we can investigate how the networks are 
connected together to form an internetwork, or an internet. At this point, internet 
gateways and internet routers come into play. 



In terms of architecture, two given networks are connected by a computer that attaches... 
...as to how to send the data packets it receives to its destination through the use of 
continually updated routing tables. By analyzing the destination network address of the 
packets, routers make these decisions. Importantly, a router does not generally need to 
decide which host or end user will receive a packet; instead, a router seeks only the 
destination network and thus keeps track of information sufficient to get to the 
appropriate network, not necessarily the appropriate end user. Therefore, routers do not 
need to be huge supercomputing systems and are often 'ust machines with small main 

memories concatenation of the area code and the first three digits of the telephone 

number uniquely specify an end office and help dictate the rate and billing structure. 

The two-wire connections between each subscriber's telephone and the end office are 

called local loops. If a subscriber attached to a given switching techniques discussed 

earlier. 

If the subscriber attached to a given end office calls a user attached to a different end 
office, more form a network by which the toll offices are connected. The toll, sectional, 
and regional exchanges communicate with each other via high bandwidth inter-toll 
trunks. The number... can operate at gigabit (trillion bit) per second speeds to handle the 
traffic from many computers. 

Optical fibers (versus copper wires) that provide high data transfer rates, with host-to- 
ATM switch connections running at 100 or 155 Mbps (million bits per second). 

3) Fixed size cells, each of which includes designed to carry voice, video, and 

television signals in addition to data. Pure packet switching technology is not conducive 
to carrying voice transmissions because such transfers demand more stable bandwidth. 

Frame relay systems use packet switching techniques, but are more efficient than 

traditional systems. This efficiency is partly due to the has become unnecessary. 

Thus, frame relay offers increased performance compared to traditional systems. 
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An Integrated Services Digital Network is an "international telecommunications standard 
for transmitting voice, video, and data over digital lines," most commonly running at 64 
kilobits per second. The traditional phone network runs voice at only 4 kilobits... step 
4506. 

In a correlation step 4506, the event gathered in step 4504 is correlated with a second 
event obtained from a packet-switche d network element. As with circuitswitched 
network elements, packet- switched event gathering and interpretation 
is typically performed by custom developed software interfaces which 
communicate directly with the network elements, process raw network events, 
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and sort the events by context prior to storing them. As discussed above, the correlation is 
preferably provided by a rules based inference and second events obtained in steps 



4504 and 4506. Preferably the fault message is created utilizing a comprehensive library 
of all possible message types and network events which categorizes the numerous 
messages that the hybrid 
network generates, 

Figure 46 is a block diagram showing a Fault Management component 4600 in 
accordance with a preferred embodiment of the present invention. The Fault Management 
component 4600 records failures and exceptions in network devices (e.g. network 
routers or UNIX servers) and performs the following operations. 

1) performs root-cause correlation of the failures and exceptions; 

2) immediately takes corrective and/or... object format in a translation step 4806. 

In a translation step 4806, information from step 4804 that is deemed critical to monitor 
and manage the network is translated into a standard object format. Generally, typical 
operational events are only logged and not translated into standard object format. 

However, critical information, such to provide universal information access by an 

object request broker. The object request broker allows the hiformation Services Manager 
to share management information stored in distributed databases. The Proactive 
Threshold Manager uses the information provided by the Information Services Manger to 

determine a current level of service and compare the current Management 

As discussed above, the element manager works with the Information Services 
Manager and the Presentation Manager to assist in the management of the 
hybrid network system. The three components are briefly described below to provide 
context for the detailed discussion of the element manager that follows. 

Element Manner 

The element manager communicates with the network elements to receive alarms and 
alerts through trapping and polling techniques. The element manager is the layer where 
the primary data reduction functions reside. At this layer, events received at the element 
manager 'II be filtered, aggregated and correlated to further isolate problems within the 
network. 
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Information that is deemed critical to monitor and manage the network is translated into a 

standard object format and forwarded to the Information Services between element 

managers and presentation managers. All information forwarded from the element 
managers is utilized by the information services manager to provide information to the 
network operators. The information services manager adheres to CORBA standards to 
provide ubiquitous infon-nation access via an object request broker (ORB). The ORB 
allows the infon-nation services manager to share management information stored in 
distributed databases. 

The information services manager stores critical management information into 
operational (real-time) and analytical (historical) distributed databases. These databases 
provide common data storage so that new products can be easily inserted into the 
management environment. For example, if an event is received at an element manager 



that is deemed critical to display to a network user, the information services manager 

will 
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store a copy of the alann in the operational database and then forward the alarm to the 
appropriate network operator. 

Media and textual databases are also provided by the information services manager. The 
databases includes online manuals for administrative purposes, as well as for the 
maintenance specialists to access element specific information. The databases also 'de 
procedures, policies and computer based training to network users. 

provi I 

The inforination services manager provides requested information (real-time and 
historical) to the network users via the presentation manager. 

Presentation Manager 

The presentation manager performs the function its name implies: the 

presentation of the information to an end user. Because different locations and job 

functions require access to different types of information, there are at least two types of 

display methods. The first is for graphic intensive presentations 

and the second is for nomadic correlated events into standard object format. 

Once the events are translated, they are ready for use by other system 
components, such as Fault Management or Billing. 

Customer Support Structure 

The organization model for customer service support in the NGN network 
provides a single point of contact that is customer focused. This single point of contact 
provides technical expertise in resolving customer incidents, troubles and requests... 
...tiered support structure is greatly increases customer satisfaction in service needs. Each 
tier, or level, possess an increased level of skill, with tasks and responsibilities 
distributed accordingly. 

Figure 50 is a flowchart showing a ...present invention. The Three 
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Tiered Customer Support Process 5000 begins with a First Tier step 5002. In step 5002, a 
customer with a hybrid network problem is provided access to customer support 
personnel having a broad set of technical skills. The broad set of technical skills allows 

this group to resolution of the problem than could usually be achieved with prior art 

product support techniques. 

In addition, one embodiment of the present invention makes the Internet a viable 
alternative to telephone calls as a tool for providing consumer product support. Many on- 
line computer services, such as Prodigy and America On-Line, provide, for a fee as a part 
of their on-line service, software for connecting to and accessing the Internet. 



The Internet access software accesses and "handshakes" with an "Internet 

Entry Server", which verifies the PIN number, provides the access and times the userys 

access time, The Internet Entry Server is programmed to recognize the PIN number as 

entitling the user to a limited prepaid or "free" Internet access 
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time for on-line help services. Such a time period could be for a total time period such as 

1 hour or more installing or using the sponsor/vendor's product. As an optional 

promotional service, upon terr-nination of the on-line help session, access to other 
information on the Internet can be provided. Once the "free" on-line help service time or 
time period is up, the Internet Entiy Server prompts the user with one or more of a 
plurality of options for extending the availability of online help. For example, the user 
can be prompted to enter a credit card number to which on-line help charges can be 
charged; he or she can be given the opportunity to answer additional survey information 
in return for additional "free" on-line help; or a 900 subscriber paid telephone access 
number can be provided through which additional on- line help will be billed via the non- 
nal telephone company 900 billing cycles. 

Integrated IP Telephony User Interface 

One embodiment of the present invention allows a user of a web application to 
communicate in an audio fashion in-band without having to pick up another telephone. 
Users can click a button and go to a call center through a hybrid 
network using IP telephony, The system invokes an IP telephony session 
simultaneously with the data session, and uses an active directory lookup whenever a 
person uses IP telephony process 5 1 00 in 

accordance with a preferred embodiment of the present invention. The IP 
telephony process 5 100 begins with a transmitting step 5102. In step 5102, data is 
transmitted over the hybrid network during a data session. This data session is typically 
a normal Internet browsing session, and is generally initiated by a 
web browser. Utilizing a web browser, users begin the data session by 

performing actions such as searching another data handling or data communication 

device of the same character. The devices themselves typically are referred to as users, in 
the context of the network. Blocks or frames of data are transmitted over a link along a 
path between nodes of the network. Each block consists of a packet together with control 

infori-nation in the form of a header and a trailer which are added to the handling 

tasks which were formerly required of the host. The communication processor is adapted 
to interface with the host and to route packets along the network; consequently, such a 
processor is often simply called a packet switch. Data concentrators have also been 
developed to interfacewith hosts and to route packets along the network. In essence, data 
concentrators serve to switch a number of lightly used links onto a smaller number of 

more heavily used links. They are often through the network, in which user packets 

associated with a great number of users shar( link and switch facilities as the packets 
travel over the network. The packets ma) require storage at nodes between transmission 
links of the network until they may be forwarded along the respective outgoing link for 
the overall path. In connectionless transmission, another mode of packet- switched data 
transmission, no initial connection is required for a data path through the network. In this 
mode, individual datagrams carrying a destination address are routed through the 



network from source to destination via intermediate nodes, and do not necessarily arrive 
in the order in which they were transmitted. 

In a lookup step 5108, the telephonic communication over the hybrid network is limited 
bases on a user profile. Preferably the user profile is included in a rules database, By 

locating the user profile within the rules can provide seamless cross-location 

registration without the need for 
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duplicate databases located on different networks. Using a rules database, a user utilizing 
the Internet in Europe can get the same telephony service as provided in the United 
States, as described above. Preferably the computer used to interface with the Internet 
includes multimedia equipment such as speakers and a microphone. Utilizing a 
multimedia equipped computer allows a user to use telephonic communication with little 
or no disruption while interfacing with the Internet. Multimedia computer speakers are 
used to receive the telephony audio from the network and the microphone is used to 
transmit the telephony 

data to the... services component 5310, or a web customer service component 5312. 

The present invention provides a new kind of web architecture framework (called "WAP 
in this document) that secures, administers, and audits electronic information use. WAF 
also features fundamentally important capabilities for managing content that travels 
"across" the "infori-nation highway." These capabilities comprise a rights protection 
solution that serves all electronic community members. These members include content 
creators and distributors, financial service providers, end-users, and others. WAF is the 
first general purpose, configurable, transaction control/rights protection solution for users 
of computers, other electronic appliances, networks, 
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and the information highway. 

The Internet is a method of interconnecting physical networks and a set of conventions 
for using networks that allow the computers they reach to interact. Physically, the... 
...operating system and architectural differences. As such, TCP/IP protocols are publicly 
available in standards documents, particularly in Requests for Comments (RFCs). A 
requirement for Internet connection is TCP/IP, which consists of a large set of data 
communications protocols, two of which are the Transmission Control Protocol and the 
Internet Protocol. 

The International Telecommunication Union-Telecommunication Standardization Sector 
("ITUT") has established numerous standards governing protocols and line encoding for 
telecommunication devices. Because many of these standards are referenced throughout 
this document, summaries of the relevant standards are listed below for reference. 

ITU G.71 1 Recommendation for Pulse Code Modulation of 3kHz Audio Channels. 



ITU G.722 Recommendation for 7kHz Audio Coding within a 64 kbit/s channel. 



ITU G.723 Recommendation for dual rate speech coder for multimedia communication 
transmitting at 5.3 and 6.3 kbits. 

ITU G.728 Recommendation for coding of speech at 16 kbit/s using low-delay code 
excited 

linear... in this event, there is no way to gain connection until some other connection 
terminates. Second, utilization can be low while costs are high. In other words, the 
calling party is charged for the duration of the call and for all of the time even if no data 
transmission takes place (i.e. no one speaks). Utilization... concatenation of the area code 
and the first three digits of the telephone number uniquely specify an end office and help 
dictate the rate and billing structure. 

The two- wire connections between each subscriber's ...deployed widely to accommodate 
these high bandwidth services. 

WAF supports a general purpose foundation for secure transaction management, 
including usage control, auditing, reporting, and/or payment. This general purpose 
foundation is called "WAF Functions" ("WAFFs"). WAF also supports a collection ... 
with capability parameter data to reflect the elements of one or more express electronic 
agreements between WAF participants in regards to the use of electronic content such as 
commercially distributed products. These control capabilities manage the use of, and/or 
auditing of use of, electronic content, as well as reporting information based upon 
content use, and any payment for said use. WAFF capabilities may flevolve" to reflect 
the requirements of one or more successive parties who receive or otherwise contribute to 
a given set of control information. Frequently, for a WAF application for a given content 
model (such as distribution of entertainment on CD-ROM, content delivery from an 
Internet repository, or electronic catalog shopping and advertising, or some combination 
of the above) participants would be able to securely select from amongst available, 

alternative control materials, etc.) and certain control information related to the use of 

the object's content. A creating party may make a WAF container available to other 
parties. Control infori-nation delivered by, and/or otherwise available for use with, WAF 
content containers comprise (for commercial content distribution purposes) WAFF 
control capabilities (and any associated parameter data ...more WAFF capabilities may be 
present at a WAF installation, and certain WAF agreements may have been entered into 
during the registration process for a content distribution application, to be used by such 
installation for securely controlling WAF content usage, auditing, reporting and/or 
payment. Similarly, a specific WAT participant may enter into a WAF user agreement 
with a WAF content or electronic appliance provider when the user and/or her appliance 

register with such provider as a WAF installation and/or user. In such events require 

certain one or more load modules execute as processes at an appropriate time to ensure 
that such credit will be used in order to pay for user use of the content. A certain 
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content provider might, for example, require metering the number of copies made for 

distribution to employees the execution of a metering method for copying of the 

property each time a copy was made for another employee. This same provider might 
also charge fees based on the total number of different proper-ties licensed from them by 



the user and a metering history of their licensing of properties hitherto infeasibly low 

price points, "pass-along" control information that is enforced without involvement or 
advance knowledge of the participants, etc. 

The present invention allows content providers and users to formulate their transaction 
environment to accommodate. 

(1) desired content models, content control models, and content usage 
information pathways, 

(2) a complete range of electronic media and distribution means, 

(3) a broad range of pricing, payment, and auditing strategies, 

(4) very flexible privacy and/or reporting models, 
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(5) practical and effective security architectures, and 

(6) other administrative procedures that together related to information regarding their 
usage of 

electronic information and/or appliances, 

(2) societal policy such as laws that protect rights of content users or require the 
collection of taxes derived from electronic transaction revenue, and 

(3) the proprietary and/or other rights of parties related to ownership of, 
distribution of, andlor other commercial rights related to, electronic 
information. 

WAF can support "real" commerce in an electronic form, that is the progressive 

creation of commercial relationships that form, over time, a network of 

interrelated agreements representing a value chain business model. This is achieved in 

part by enabling content control information to develop through the 

interaction of (negotiation between) securely created and independently 

submitted sets of content and/or appliance control information. Different sets... 

...invention allows a competitive electronic commerce marketplace to develop since the 

use of WAF enables different, widely varying business models using the same or shared 

content, 

A significant facet of the present invention's ability to broadly support electronic 

commerce is its ability to securely manage independently delivered WAF 

component objects containing control information (normally in the form of WAF 

objects containing one or more methods, data, or load module WAF 

components). This independently delivered control information can be 

integrated with senior and other pre-existing content control information to securely 

form derived control information using the negotiation mechanisms of the present 

invention. All requirements specified by this derived control information must be 

satisfied before WAF controlled content can be accessed or 

otherwise used. This means that, for example, all load modules and any 

mediating data which are listed by the derived control information as required must be 

available and securely perform their required function. In combination with other aspects 

of the present invention, securely, independently delivered control components allow 

electronic commerce participants to freely stipulate their business requirements and trade 



offs. As a result, much as with traditional, 
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non-electronic As a result, users 

of WAF can avoid the confusion and expense and other inefficiencies of 
different, limited purpose transaction control applications for each different content 
and/or business model. For example, WAF allows content creators to use the same WAF 
foundation control arrangement for both content authoring and for licensing content 
from other content creators for inclusion into their products or for other use. 
Clearinghouses, distributors, content creators, and other WAF users can all interact, 
both with the applications running on their WAF installations, and with each other, in an 
entirely consistent manner, using 
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and reusing (largely transparently) the same distributed tools, mechanisms, and 
consistent user interfaces, regardless of the type of WAF activity. 

WAF participants in a commercial value chain can be "commercially" confident (that... 
...appliance use, and/or they may include "static" electronic assertions, such as an end- 
user using the system to assert his or her agreement to pay for services, not to pass to 
unauthorized parties electronic 

information derived from usage of content or systems, and/or agreeing to 
observe copyright laws. Not only can electronically reported transaction related 
information be trusted under the present invention, but payment may be 
automated by the passing of payment tokens through a pathway of payment 
(which may or may not be the same as a pathway for reporting). Such payment 
can be contained within a WAF container created,automatically by a WAF 
installation in response to control information (located, in the preferred embodiment, in 
one user's WAF installation secure 

subsystem) based upon usage of WAF controlled electronic content andlor 
appliances (such as governments, financial credit providers, and users). 

WAF allows the needs of electronic commerce participants to be served and it can bind 
such participants together in a universe wide, trusted commercial network that can be 
secure enough to support very large amounts of commerce. 

WAF's security and metering secure subsystem core will be present at all 
physical locations where WAF related content is (a) assigned usage related 
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control information (rules and mediating data), and/or (b) used. This core can perform 
security and auditing functions (including metering) that operate within a "virtual black 
box," a collection of distributed, very secure WAF related hardware instances that are 
interconnected by secured information exchange (for example, telecommunication) 
processes and distributed database means. 

WAF further includes highly configurable transaction operating system 
technology, one or more associated libraries of load modules along with 
affiliated data, WAF related as well as system software designed to enable WAF 



integration into 

host environments and applications. WAF's usage control information, for 

example, provide for property content and/or appliance related: usage 

authorization, usage auditing (which may include audit reduction), usage billing, usage 

payment, privacy filtering, reporting, and security related communication and encryption 

techniques. 

WAF's fundamental configurability will allow a broad range of competitive electronic 
commerce business models. ..a user would then simply click on with a mouse pointer to 
select the items. Other options include scrollable menus, etc. In operation 5504, a 
payment is then accepted in exchange for the predetermined set of items. Such 

predetermined set of items is then stored in operation 5506, thereby allowing the sets 

of items should be easily accessible throughout the display catalog, such as through links. 

Optionally, multiple languages maybe incorporated into the present invention and 
payment for the predetermined set of items may be accepted in any one of a plurality of 
currencies such as electronic and foreign. 

Recently, an online basket. During the shopping, he or she examines the content of 

the shopping basket as required to check the item scheduled to purchase and the pay 
amount of the items. Accordingly, it is not necessary to always display the purchase list 
on the screen, but the functions to access to the.. .in operation 5904. If no keywords 
match, the user's words could be analyzed using a thesaurus to find keyword matches in 
operation 5906. A payment is then accepted in exchange for the solution in operation 

5810 of Figure 58, as will be discussed in more detail below. It should be availability 

may be determined with respect to the selected items and the selected features thereof for 
display purposes in operation 6006. Further, in operation 6008, payment is accepted in 
exchange for the selected items and the selected features thereof. It should be noted that 
in the foregoing description, the items each select each of the features individually. 

The present invention provides a system and method for conducting commerce Via an 

electronic means, such as a computer network, cable television network, 

or direct dial modem. Previous attempts to provide electronic commerce 

subsystems have been custom tailored to an individual commerce offering, and have not 

been adaptable application logic or presentation. 

Another company, Open Market, is developing a similar electronic catalog 

system consisting of a HyperText Markup Language (HTML) authoring tool 

(called Storebuilder), and a server (called Webserver) connected to an 

integrated back-end commerce system (called TransactionLink), This system appears to 

share similar characteristics and disadvantages as the Netscape 

system, 

Any of the foregoing types of browsers may employed to access various 
databases via the Internet in order to conduct electronic commerce-related business. 
Typical database or rile-based shopping cart systems require that the user be uniquely 
identified in order to associate particular data stored on the server with a particular user. 



This requires the user to log-in or create an account, which is then stored in the server. 
Each subsequent request from the user must reference the unique identifier, either in the 
uniform resource locator (URL) or as hidden data passed back through a form 
submission. Either of these... the insurance contract is printed remotely from the client 
and mailed to him. The on-line terminals are not automatic self-service vending 
machines; the client must deal with the company through agents. 

158 

In another example of a related system, a terminal includes a CPU and is 

coupled to a memory unit which has data bases storing information. Certain elements... 

...data processing center, to take orders for goods or services from customers and transmit 

them for processing to the central data processing center, to accept payment, and to 

deliver goods or services in the form of documents to the customer when orders are 

completed. 

The central data processing center is also trip or 
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vacation which is periodically updated via a communication link with the remote control 
center. The self-service terminal normally operates off-line. 

Payment for items purchased over the Internet is also a concern. Today, 
approximately 350 billion coin and currency transactions occur between 
individuals and institutions every year. The extensive use of coin and currency 

transactions has limited the automation of individual which are used primarily by 

large commercial organizations. 

The Automated Clearing House ("ACH") where a user can enter a preauthorized code 

and download information with billing occurring later, and a 

160 

Point Of Sale (POS) system where a transaction is processed by connecting with a central 
computer for authorization for the transaction granted or denied 
immediately are examples of EFT systems that are utilized by retail and 
commercial organizations. 

Rome Banking bill payment services are examples of an EFT system used by 
...a trend towards off-line payments. For 

example, numerous ideas have been proposed for some form of "electronic 
money" that can be used in cashless payment transactions as alternatives to the 
traditional currency and check types of payment systems, 
The more well known techniques include magnetic stripe cards purchased for a 

given amount and from which a prepaid value can be deducted for to obtair 

information offered by a customer and transmitted by a computer operating under the 
control of the customer over a publicly accessible packet- switched network (e.g., the 
Internet) to the computer operating under the control of the merchant, without risking 
the exposure of the information to interception by third parties that have access to the 
network, and to assure that the information is from an authentic source. It is further 



desirable for the merchant to transmit information, including a subset of the information 
provided by the customer, over such a network to a payment gateway computer system 
that is designated, by a bank or other financial institution that has the responsibility of 
providing payment on behalf of the customer, to authorize a commercial transaction on 
behalf of such a financial institution, without the risk of exposing that information to 
interception by third parties. Such institutions include, for example, financial institutions 
offering credit or debit card services. 

Such secure payment technologies include Secure Transaction Technology 

CM"), Secure Electronic Payments Protocol ("SEPP"), Internet Keyed 

Payments ("iKP"), Net Trust, and Cybercash Credit Payment Protocol. One of ordinary 

skill in the art readily comprehends that any of the secure payment 

technologies can be substituted for the SET protocol without undue 

experimentation. Such secure payment technologies require the customer to 

operate software that is compliant with the secure payment technology, 

interacting with third-party certification authorities, thereby allowing the customer to 

transmit encoded information to a merchant, some of which may be 

decoded by the merchant, and some which can be decoded only by a payment 

gateway specified by the customer. 

Another such attempt to provide such a secure transmission channel is a general. 
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purpose secure communication protocol such as connection supports 

only a two-computer connection. Therefore, SSL does not provide a mechanism for 
transmitting encoded information to a merchant for retransmission to a 
payment gateway such that a subset of the information is readable to the 
payment gateway but not to the merchant. Although SSL allows for robustly secure two- 
party data transmission, it does not meet the ultimate need of the comprehends that 

any of the general-purpose secure communication protocols can be substituted for the 
SSL transmission protocol without undue experimentation. 

Banks desire an Internet payment solution that emulates existing Point of Sale (POS) 
applications that are currently installed on their host computers, and require minimal 

changes to their host systems is a critical requirement 
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since any downtime for a banks host computer system represents an enormous 
expense. Currently, VeriFone supports over fourteen hundred different 
payment-related applications. The large number of applications is necessary to 
accommodate a wide variety of host message formats, diverse methods for 
communicating to a variety... bank's proprietary protocol, and by providing other value- 
added services that a 

merchant may not be able to obtain at another bank., 

Internet-based payment solutions require additional security measures that are 
not found in conventional POS terminals. This additional requirement is 
necessitated because Internet communication is done over publicly utilizing the 



Internet for a communication backbone, employ some form of cryptography. 
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As discussed above, the current state-of-the-art in Internet based payment processing is a 
protocol referred to as SET. Since the SET messages are uniform 
across all implementations, banks cannot differentiate themselves in any 

reasonable way is not a proper superset of all protocols utilized today, there are bank 

protocols which cannot be mapped or translated into SET because they require data 
elements for which SET has no placeholder. Further, 
SET only handles the message types directly related to authorizing and 
capturing credit card transactions and adjustments. ..to perform commercial transactions 
that involve order entry systems Four different types of commercial transactions might 
commonly occur in a commercial online service. First, a user may be charged for the 
right to access all or parts of a useful publicly accessible online system. Second, the 
online service may pay the user for performing some type of action such as winning a 
contest or completing a marketing survey. Third, an online service may charge a conteni 
provider for placing certain information on the online service. For example, a content 
provider can be charged for placing an advertisement on the online service. Finally, a 
content provider can be paid by the online service for providing information that users 
may wish to access, can be can be provided on a for-fee basis. Conversely, an online 
service provider may wish to pay third party content providers for placing useful material 
on the online service. 

Thus, when creating a publicly accessible online system, it is desirable to include... 
...advertising in a virtual shopping envirom-nent in operation 5410 of Figure 54. Figure 
61 illustrates the operation in more detail. In operation 6102, a plurality of items, i.e. 
products or services, are displayed for purchase. Along with the items being displayed for 

purchase, or on a subsequent page or time, or according to the premium paid by the 

advertiser. A user is permitted to select the items for purchase, as indicated by operation 
6104. Payment is then accepted in exchange for the selected items in operation 6105. 
While thevirtual shopping environment is being used, advertisement information may be 

displayed which to the user based on the profile of the user- This is particularly useful 

where the advertisements are being rotated. Then the advertiser would be billed based 
upon the number of times its advertisement was shown Note that the items each include 

at least one of a product and a service selling, up-selling, advertisements, and 

promotions are linked to pages containing greater detail or to a purchasing area. 
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The use of advertising revenues to pay for information dissemination is well established 
in domains such as television and radio in which end users are tuned to a continuous 
signal over a... like. 

Yet another example of mixing advertisements with information dissemination are 
newspapers and magazines. 

Most, and perhaps all such examples of mixing advertisements with information content 



are based on systems in which the end user has actively elected to view or listen to a 
program or to otherwise receive information. Furthermore, in 
virtually all such systems or media, the juxtaposition or placement of 
advertisements and information content is explicitly programmed or determined 
by human beings working as "editors" or in a similar content and/or 
presentation editing capacity. 
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Distributing information via the Internet or other publicly accessible computer 
communication networks has been largely unsupported by advertising revenues due to 
the lack of good mechanisms for mixing advertising and information content in such a 
way as to be acceptable to both end users and advertisers. 

There are, of course, some exceptions where advertising/content mixtures from other 
contexts, such as newspapers and television, have been simply replicated on the Internet. 
For instance, some newspapers have been "published" at least iin part on the Internet, 
and include advertisements along with information content, In fact, some newspapers sell 
advertising space on an associated World Wide Web (WWW) site, which often 

includes Further, the user is allowed to select the items for purchase in operation 

6308. Factors that are tailored include price and availability of the items. Payment is then 
accepted in exchange for the selected items in operation 6310, as discussed in more detail 
below. 

The virtual shopping environment may be tailored.. .these advertisements, cognizant of 
the fact that consuming these 

advertisements will subsidize their electronic content consumption fees, 
ORDERPLACEMENT 

Collects user information for order processing (shipping, billing) 
Recaps order for confirmation (shipping, price, availability) 
Allows for order maintenance (qty, product, shipping) 

Referring to operation 5414 of Figure 54, another embodiment of the receives an 

order for at least one of the products and services. User information is collected for order 
processing, including an address for delivery and billing. In the alternative, a user may 
enter an alphanumeric code representative of a source of currency, such as a 

credit card number or bank account such as by taking into account handling costs, the 

total weight of the items, the distance to final destination of the items, and the 
corresponding charges of the shipping provider. An estimate of the delivery date may 
also be given. It should be noted that mileage and the like could be calculated where 

services are to be rendered at a of the invention processes transactions pertinent to the 

purchase of items. For example, credit card transactions are processed, as are purchase 
order transactions. A structured payment plan may also be created. 

The actual order is placed with a fulfillment house for physical shipping of a product, or 
the order is placed... may even be prevented from utilizing the software until the license 
agreement is generated. 



Most software vendors currently favor licensing as the preferred method of distributing 

software. Licensing software provides the vendor with a certain 

amount of control over the distributed software which may be used to the 

vendor's advantage. For example, licensing software allows the vendor to 

prohibit unauthorized usage of the software that might facilitate unauthorized copying. In 

addition, licensing provides an advantageous method of providing and billing for 

software. Through licensing, the vendor may sell several identical copies of the same 

software and charge the buyer for each copy. 

Licensing schemes have adapted to the network environment as well as the individual 
personal computer, hi a network environment, such as a client-server network, multiple 
users may access the same copy of a particular application. Consequently, the vendor can 
charge the network owner not for the number of copies installed on the network, but for 
the number of users having access to the software. 

Software licenses granted, the relevant infori-nation is logged into a file to track 

usage of the various applications. 

If a license is not available, the client contacts another server to find the appropriate 
license. The client in the conventional system has the responsibility to obtain licenses 

from the various servers, and the individual may be based on the power of the 

processor or the number of processors in the system, or the number of individual nodes in 
a network, since these factors provide measures of the number of users which may use 
the software at any give time. 

In many cases, however, it may... lack of accountability. 

As computers have proliferated in availability, the investment in computer software has 
also grown, and there have been developed various methods for charging the computer 
user for use of computer software products. Typically computer software products are 

licensed, rather than sold, to the computer user under various arrangements are for 

indefinite periods of time, a license may also be for a limited duration and extendable, so 
that the entity marketing the product can charge a periodic fee (for example, annually) 
for use of the software product. Or use may be absolutely time-limited (for example, one- 
day), so that moving of software among machines; however, 

hardware locks do not handle multiple software products on a single machine, and they 
require time and expense to deliver to the end user. 
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When computer software products are used in a network environment (which 
may include computers running in various roles as workstations and servers of various 
types linked together over a data path), additional licensing challenges are present. For 
example, a network may permit a user at one node (which may be a terminal or 
workstation, for instance) to utilize a software product running at another node... site, but 
such an audit is intrusive, expensive, and may alienate potential or actual customers for 
licenses. Although other approaches exist under which one might charge a single fee per 



server or per site or per entity, often on an individually negotiated basis, these approaches 

are often impractical or inflexible, in practical in some network environments to 

determine and limit the number of nodes that may access a software product at a given 
time, and to charge a license fee based on the maximum number of nodes that are 
permitted to use the software product concurrently. 

This is called "concurrent licensing". In financial processes, and 
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(5) pathways of handling for electronic content, content and/or appliance control 
information, electronic content and/or appliance usage information and payment and/or 
credit. 

WAF agreements may define the electronic commerce relationship of two or more parties 

of a value chain, but such agreements may, at be involved in a three party agreement 

in which the end-user agrees to certain requirements for using the distributed product 
such as accepting distributor charges for content use and agreeing to observe the 
copyright rights of the creator. A third agreement might exist between the distributor and 
a financial clearinghouse that allows the distributor to employ the clearinghouse's credit 
for payment for the product if the end-user has a separate (fourth) agreement directly 
with the clearinghouse extending credit to the end-user. A fifth, evolving. ..different 
application of control information may also result from content control information 
specifying that a certain party or group of parties shall be subject to content control 
information that differs from another party or group of parties. For example, content 
control information for a given piece of content may be stipulated as senior Hifortriation 
and therefore not changeable, might be put in place by a content creator and might 
stipulate that national distributors of a given piece of their content maybe permitted to 
make 100,000 copies per calendar quarter, so long as such copies are provided to boni 
fide end-users, but may pass only a single copy of such content to a local retailers and 
the control information limits such a retailer to making no more than 1,000 copies per 

month for retail sales elaborate. They can support widely diverse information 

management models that provide for electronic information security, usage 
administration, and communication and may support. 

(a) secure electronic distribution of information, for example commercial literary 
properties, 

(b) secure electronic information usage monitoring and reporting, 

(c) secure financial transaction capabilities related to both electronic information or 

currency usage and administration capabilities, (d) privacy protection for usage infori- 
nation a user does not wish to release, and (e) "living" electronic information content 
dissemination models that flexibly accommodate. 
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(1) a breadth of participants, 

(2) one or more pathways (chains) for: the handling of content, content and/or appliance 
control information, reporting of content and/or appliance usage related information, 
and/or payment, (3) supporting an evolution of terms and conditions incorporated into 



content control 

infori-nation, including use of electronic negotiation capabilities, 

(4) support the combination of multiple pieces of content to form new content 

aggregations, and (5... 
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Detailed Description: 

...less &equent use. Traditional 

systems do not scale cost according to the extent or character of 
usage and traditional systems can not attract potential 
customers who find that a fixed price is too high. Systems using 
traditional mechanisms are also not normally particularly 

secure. For example, shrink-wrapping does not prevent. ..a smart object may return via 

communication to the 

user in the form of a secure 'return object" 

containing retrieved information. A user may be 

charged for the remote retrieving of information, the 

returning of information to the user's VDE 

installation, and/or the use of such information. In 
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the latter case, a user may be charged only for the 
information in the return object that the user 
actually uses. Smart objects may have the means to 
request use of one or remote resources (e.g. 

centralized databases, super computers, etc.) while 
providing a secure means for charging users based 
on information and/or resources actually used. 

0 support both "translations" of VDE electronic 
agreements elements into modern language printed 

agreement elements (such secure hardware module would be 

in the same physical package as the actual display 
monitor, such as within the packaging of a video 
monitor or other display device, and such device 
practical, to be as tamper resistant as reasonable. 

As another example, embedding a VDE hardware 
module 'into an I/O peripheral may have certain 
advantages from the standpoint of overall system 
throughput. If multiple VDE and/or appliance 



usage information on the same mass storage device 
and in the same VDE management database. 

requiring reporting and payment compliance by 
employing exhaustion of budgets and time ageing of 
keys. For example, a VDE commercial arrangement 
and associated content control information may 

- 119 - MI obligation, another 

participant can stop the delinquent party from 
successfully participating in VDE activities related 
to such agreement. For example, if required usage 
information and payment was not reported as 
specified by content control information, the 
'injured party can fail to provide, through failing to 

securely communicate from his VDE installation one or more pieces of secure 

information necessary for the continuance of one or 
more critical processes. For example, failure to 
report information and/or payment from a 
clearinghouse to a content provider (as well as any 
security failures or other disturbing 'irregularities) 

can result in the content provider not providing the provider's content and which the 

clearinghouse would communicate to end-user's 
during a content usage reporting communication 
between the clearinghouse and end-user. As 
another example, a distributor that failed to make 
payments and/or report usage information to a 
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content provider might find that their budget for 

creating permissions records to.. .the present invention is the use of 

portable VDEs as transaction cards at retail and 

other establishments, wherein such cards can 'dock" 

with an establishment terminal that has a VDE 

secure sub-system and/or an online connection to a 

VDE secure and/or otherwise secure and compatible 

subsystem, such as. ..transaction during a connection with another party's 

VDE installation (for example a VDE installation 

that is also on a financial or general purpose 

electronic network), by posting transaction 

information to a remote clearinghouse and/or bank, 

can ensure that sufficient backup is conducted to 

enable complete reconstruction of VDE card VDE 

sub-system) and are used to carry out VDE managed 
transaction related processing. These triggered 
methods include independently (separably) and 
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securely processable component billing management 



methods, budgeting management methods, metering 
management methods, and related auditing 
management processes. As a result of this feature of 
the present invention, independent triggering of 
metering, auditing, billing, and budgeting methods, 
the present invention is able to efficiexitly, 
concurrently support multiple financial currencies 
(e.g. dollars, marks, yen) and content related 
budgets, and/or billing increments as well as verv 
flexible content distribution models. 

support, complete, modular separation of the control 
structures related to (1) content event triggering, (2) 
auditing, (3) budgeting (includiner specifying no right 
t) CI 

of use or unlimited right of use), (4) billing, and (5) 
identity (VDE installation, cli 
user 111 ient name, 

department, network, and/or user, etc.). The 

independence of these VDE control structures 

provides a flexible system which allows plural 

relationships between two or more of these its logical portions). 

Without such separation between these basic VDE 

capabilities, it would be more difficult to efficiently 

maintain separate metering, budgeting, 

identification, and/or billing activities which involve 

the same, differing (including overlapping), or 

entirely different, portions of content for metering, 

billing , budgeting, and user identification, for 

example, paying fees associated with usage of 

content, performing home banking, managing 

advertising services, etc. VDE modular separation 

of these basic capabilities supports the programming 

of plural., "arbitrary" relationships between one or 

differing content portions (and/or portion units) and 

budgeting, auditing, and/or billing control 

information. For example, under VDE, a budget 

limit of $200 dollars or 300 German Marks a month 

may be enforced for decryption of a certain database 

and 2 U.S. Dollars or 3 German Marks may be 

charged for each record of said database decrypted 

(depending on user selected currency). Such usage 

can be metered while an additional audit for user 

profile purposes... Such control information 

may, for example, enforce societal requirements such as laws 



related to electronic commerce. 
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VDE content control information may apply differently to 
different pathway of content and/or control information handling 
participants. Furthermore, permissions records rights may be 

added, altered, and/or removed by a VDE participant if control information 

for electronic content and/or appliance rights 
protection, including the enforcing of preferences 
and requirements of VDE participants. 

Normally, most usage, audit, reporting, payment, and 
distribution control methods are themselves at least in part 
encrypted and are executed by the secure subsystem of a VDE 
installation. Thus, for example, billing and metering records can 
be securely generated and updated, and enciyption and 
decryption keys are securely utilized, within a secure subsystem. 

Since VDE also employs. ..is concealed from outside 
obseivation and interference, the present invention ensures that 
content control information can be enforced. As a result, the 
creator and/or distributor and/or client administrator and/or 
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other contributor of secure control information for each property 
(for example, an end-user restricting the kind of audit 
information he or she will allow to be reported and/or a financial 
clearinghouse establishing certain criteria for use of its credit for 
payment for use of distributed content) can be confident that 
their contributed and accepted control information will be 

enforced (within the security limitations of a given or more objects and/or properties, 

or 

portions of an object or property, can be directly 
used, such as decrypted, displayed, printed, etc; 

(3) How payment for usage of such content and/or 
content portions may or must be handled; and 

(4) How audit information about usage information 
related to at... financial processes, and 
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(5) pathways of handling for electronic content, content 
and/or appliance control information, electronic 
content and/or appliance usage information and 
payment and/or credit. 

VDE agreements may defirie the electronic commerce 
relationship of two or more parties of a value chain, but such 
agreements may, at be 



involved in a three party agreement in which the end-user 
agrees to certain requirements for using the distributed product 
such as accepting distributor charges for content use and 
agreeing to observe the copyright rights of the creator. A third 
agreement might exist between the distributor and a financial 
clearinghouse that allows the distributor to employ the 
clearinghouse's credit for payment for the product if the end-user 
has a separate (fourth) agreement directly with the 
clearinghouse extending credit to the end-user. A fifth, evolving 

- 142 content control information passes along its. ..more pathways (chains) for: the 
handling of content, content and/or appliance 

control information, reporting of content 
and/or appliance usage related information, 
and/or payment, 

(3) supporting an evolution of terms and 
conditions incorporated into content control 
information, including use of electronic 
negotiation capabilities, 
. 146 

content to form new content ...52 shows an example of a CLOSE method; 

FIGURES 53A-53B show an example of an EVENT 

method; 

FIGURE 53C shows an example of a BILLING method; 
FIGURE 54 shows an example of an ACCESS method; 
FIGURES 55A-55B show examples of DECRYPT and 
ENCRYPT methods-, 

FIGURE 56 shows an example... programs. Video production studio 204 may send these 

programs over lines 202, or may use other paths such as satellite 

link 205 and CD ROM delivery service 216. Video production 

studio 204 can send the programs directly to consumers 206. 208, 

210, or it can send the programs to information utility.. .at least $2.00 

based on a credit account with independent financial 

provider 212 (such as Mastercard or VISA) may watch the 

video, 

(2) virtual distribution environment 100 will 'meter" each 
time a consumer watches the video, and report usage to 
video production studio 204 from time to time, and 

(3) financial provider 212 may electronically collect 
payment ($2.00) from the credit account of each consumer 
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who watches the video, and transfer these payments to the 
video production studio 204. 

Information 200 allows even a small video 

production studio to market videos to consumers and receive 
compensation for its efforts. Moreover, the videos can, with 



appropriate payment to the video production studio, be made 
available to other video publishers who may add value and/or act 
as repackagers or redistributors. 

Figure 1... These 

usage-related "rules and controls' must be consistent with the 
'rules and controls" specified by content creator 102. 

Arrow 110 shows the distributor 106 distributing rights to 
use the content by sending the content's 'rules and controls" to a 
conten use 112 such as a consumer. The content user 112 uses 
the content in accordance with the usage-related 'rules and 
controls." 

In this Figure 2 example, information relating to content 
use is, as shown by arrow 1 14, reported to a financial 
clearinahouse 1 16. Based on this "reporting," the financial 
clearinghouse 116 may generate a hW and send it to the content 
user 112 over a "reports and payments" network 118. Arrow 120 
- 172 ELI 
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lua;uoo jo pua ppuuug aqj avuum SlluaToUja...WDE administrator.' Financial 
clearinghouse 116 in its 

VDE administrator role sends 'administrative" information to 
the VDE participants. This administrative information helps to 
keep the virtual distribution environment 100 operating 
properly. The WDE administrator" and financial clearinghouse 
roles may be performed by different people or companies, and 

there can be more than participant. For 

example, a content user 112 generally can't change 'n@des and 
controls" SIDecified by a distributor 106 that require the user to 
pay for content usage at a certain rate. 'Rules and controls' may 
"persist" as they pass through a 'chain of handling and control," 

and may be up" the wholesale pnice of goods. Figure 2A 

shows an example in which certain "rules and controls" persist 
unchanged from content creator 102 to content user 112; other 
"rules and controls' are modified or deleted by distributor 106; 
and still other "rules and controls" are added bv the distributor. 

"Rules and controls" can be used to protect the content 

user' ...usage enabling "rules and 

controls" against unauthorized distribution and use. 

In some examples, "rules and controls' may travel with the 
content they apply to. Virtual distribution environment 100 also 



allows "rules and controls' to be delivered separately from 
content. Since no one can use or access protected content 
without 'permission" from already 

been (or will in the future be) delivered. "Rules and controls" 
may be delivered over a path different from the one used for 
content delivery. "Rules and controls" may also be delivered at 
some other time. The content creator 102 might deliver content 
to content user 1 12 over the electronic highway 108, or could 

make the content available to anyone used at the time it is delivered, or it may be 

stored for 

later use or reuse. 
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The virtual distribution environment 100 also allows 
payment and reporting means to be delivered separately. For 
example, the content user 112 may have a virtual "credit card" 
that extends credit (up to a certain limit) to pay for usage of any 
content. A "credit transaction" can take place at the user's site 
without requiring any 'online" connection or further 

authorization. This Figure 3 shows an example of an overall process based on 

'rules and controls." It includes an "events' process 402, a meter 
process 404, a billing process 406, and a budget process 408. Not 
all of the processes shown in Figure 3 will be used for every set of 
'rules and... each user request to turn to a new 
page of an electronic book may be satisfied ("Go'), but it may not 
be necessary to meter, bill or budget those requests. A user who 
has purchased a copy of a novel may be permitted to open and 
read the novel as many times as she wants to without any 
further metering, billing or budgeting. In this simple example, 
the "event process" 402 may request metering, billing and/or 
budgeting processes the first time the user asks to open the 
protected novel (so the purchase price can be charged to the 
user), and treat all later requests to open the same novel as 
'insignificant events." Other content (for example, searching an 
electronic telephone directory) may require the user to pay a fee 
for each access. 

"Meter" process 404 keeps track of events, and may report 
usage to distributor 106 and/or other appropniate VDE 
participant(s). Figure 4 shows that process 404 can be based on 
a number of different factors such as. 

(a) type of usage to charge for, 

W what kind of unit to base charges on, 

(c) how much to charge per unit, 
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(d) when to report, and 

(e) how to pay. 



These factors may be specified by the 'rules and controls" that 
control the meter process. 

Billing process 406 determines how much to charge for 
events. It records and reports payment information. 

Budget process 408 limits how much content usage is 
permitted. For example, budget process 408 may limit the 
number of times content may be... example, methods 1000 may record 
the identity of anyone who opens the electronic container 302, 
and can also control how information content is to be charged 
based on "metering." Methods 1000 may apply to one or several 
different information contents 304 and associated containers 
302, as well as to all or... examples. 

'modem" 618 or other telecommunications link; 

CD ROM disk 620 or other storage medium or device; 
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a printer 622; 

broadcast reception 624; 

a document scanner 626; and 

a "cable" 628 connecting the appliance with a 'network." 

Virtual distribution environment 100 provides a ' ...may be extended based on 

additional "components' delivered to operating system 602. 

'Rights operating system functions' 604 can collect together and 
use 'components' sent by different participants at different 
times. The "components' help to make the operating system 602 
"Scalable.' Some components can change how services work on 
little appliances versus how they work.. .and/or error-correction 
validation of information). SPU 500 may also perform secure 
data management processes including governing usage of, 
auditing of, and where appropriate, payment for VDE objects 300 
(through the use of prepayments, credits, real-time electronic 
debits from bank accounts and/or VDE node currency token 
deposit accounts protections that make successful attacks 
exceedingly costly and time consuming. For example, ion 
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implantation and/or other fabrication techniques may be used to 
make it very difficult to visually discern SPU die conductive 

pathways, and SPU internal circuitry may be fabricated in considerations may include 

cost of 

implementation, cost of manufacture, desired degree of security, 



and value of compactness. 



SPU 500 may also be integrated with devices other than 

CPUs. For example, for video and multimedia applications, some 

performance and/or security advantages (depending ...500 may also be integrated 

into other peripheral devices, such as CD-ROM devices, set-top 

cable devices, game devices, and a wide variety of other 

electronic appliances that use, allow access to, perform 

transactions related to, or consume, distn"buted information. 

SPU 500 Tnternal Architecture 
Figure 9 is a detailed more detail. 
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Aficroprocessor 520 

Microprocessor 520 is the 'brain' of SPU 500. In this 

example, it executes a sequence of steps specified by code stored 

(at-least temporarily) within ROM 532 and/or RAM 534. 

Microprocessor 520 in the preferred embodiment comprises a 

dedicated central processing arrangement (e.g., a CISC processor unit, a 

microcontroller, and/or other central 

processing means or, less desirably in most applications, process 
specific dedicated control logic) for executing instructions stored 
in the ROM 532 and/or other memory. Microprocessor 520 may 
be separate elements of a circuitry layout, or may be separate 
packages within a secure SPU 500. 

In the preferred embodiment, microprocessor... RTC 528 must receive power 'in order to 
operate. 

Optimally, the RTC 528 power source could comprise a small 
battery located within SPU 500 or other secure enclosure. 

However, the RTC 528 may employ a power source such as an 
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soz 

2x:qp,njoui'@j,eudo.idd-e s-e...on microprocessor 520, or outside SPU 500. 

Decompression is important in the release of data such as video 
and audio that is usually compressed before distribution and 
whose decompression speed is important. In some cases, 
information that is useful for usage monitoning purposes (such as 
record separators or other delimiters) is... powered 
conventional RAM) may perform at least part of the role of ROM 
532. 



SPU Internal RAM 

SPU 500 general purpose RAIM 534 provides, among other 
things, secure execution space for secure processes. In the 
preferred embodiment, RAM 534 is comprised of different types 
of RAM such as a combination of... an electronic 
appliance 600 may be the most cost effective way to store VDE 
secure database management files 610 and information that 
needs to be stored external to SPU 500. A host svstem hard disk 
secondary memory 652 used for general purpose file storage can, 
for example, also be used to store VDE management files 610. 

SPU 500 may be given exclusive access to the external memory 
(e.g., over a local bus high speed connection provided by-BIU 
530). Both dedicated and shared external memory may be 
provided. 

SPU Integiated Within CPU 

As discussed above, it may be desirable to integrate CPU 

654 and SPU 500 into the same integrated... secure memory 532, 534 when 

CPU/SPU 2650 is operating in the "normal" mode automaticaDy 

result in the read information being encrypted before it is 

delivered to microprocessor 2652 (and similarly, and writes to 

the secure memory may result in the written information being 

decrypted before it is deposited into the.. .leave SPU mode and return to normal operation, 
the 

instructions executing in "SPU" mode may provide a specific 

indication to switch 2663 (e.g., a transfer to a designated memory 

address). This indication may be recognized by switch 2663 as 

indicating a return to "normal mode," and it may again restrict CROS") 602. 

Rights Operating System 602 

Rights Operating System ("ROS") 602 in the preferred 
embodiment is a compact, secure, event-driven, services-based, 
"component" oriented, distributed multiprocessing operating 
system environment that integrates VDE information security 
control information, components and protocols with traditional 
operating system concepts. Like traditional operating systems, 
ROS 602... oriented 
events 

simplifies task management 

simplifies inter-process communications 

Services based 

allows simplified and transparent scalability 
simplifies multiprocessor support 
a hides machine dependencies 



0 eases network management and support 

Component Bag5rd Architecture 

processing based on independently deliverable secure 

components 

242 

a component model of processing control allows different 
sequential steps that are reconfigurable based on 
requirements 

components can be added, deleted or of controlled processes 
within am, VDE node in a distributed, asynchronous 
arrangement 

control-led delegation of rights mi a distributed 
environment 

supports chains of handling and control 
management environment for distributed, occasionally 
connected but otheiwise asynchronous networked 
database 

real time and time independent data management 

supports "agent" processes 

Transparent 

can be seamlessly integrated into existing operating 

systems 

-245 

can support applications not specifically written to use it 
Network friendlv 

internal OS structures may use RPCs to distribute 
processing 

subnets mav seamlessly operate as a single node or 
independently 

General Background Regarding Operating Systems 

An "operating system' provides a control mechanism for 

organizing... increase efficiencies and/or 

capabilities. ROS 602 may access, coordinate and/or manage 

further processors remote to an electronic appliance 600 (e.g., via 
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network or other communications link) to provide additional 
processor resources and/or capabilities. 

ROS 602 is services based. The ROS services provided 
using a host processor... controlling one or more aspects of 
usage) may prepare audits for a distributor and format requests 
associated with the usage control for processing by a distributor. 

Processes at either end of a reciprocal control may be further 
controlled by other processes (e.g., a distributor may be limited 
-252 



by a budget for the number of usage control mechanisms they 
may produce). Reciprocal control mechanisms may extend over 
many sites and many levels (e.g., a creator to a distributor to a 
user) and may take any relationship into account (e.g., 
creator/distributor, distn'butor/user, user/user, user/creator, 
user/creator/distributor, etc.) Reciprocal control mechanisms 
have many uses in VDE 100 in representing relationships and 
agreements in a distributed environment. 

ROS 602 is scalable. Nlany portions of ROS 602 control 
structures and kernel(s) are easily portable to various host 
platforms without recompilation. Any control structure may be 
distributed (or redistributed) if a granting, authority pe=its this 
type of activity. The executable references within ROS 602 are 
portable within a tarcret platform. Different instances of.. .or 
more 'method cores," method parameters and other associated 
data structures that ROS 602 may collect and assemble together 
to perform a task such as billing or metering.- Different users 
may have different combinations of elements, and some of the 
elements may be customizable by users with appropriate 

authorization. This Micreases...to the smallest sub-element using a flexible control 
structure. ROS 602 can, for example, control the printing of a 
single paragraph out of a document file. 

ROS 602 provided by the preferred embodiment permits 
secure modification and update of control information governing 

each component. The control information may be provided format such as method 

options to an end-user. An 

end-user may then customize the actual control information used 
within guidelines provided by a distributor or content creator. 

Modification and update of existing control structures is 
preferably also a controllable event subject to auditing and 
control information. 

ROS 602 provided by the created by "addincy on" to exasting operating systems. This 

involves hooking'V-DE "add ons" to the host operating system at 
the device driver and network interface levels. Alternatively, 
ROS 602 may comprise a wholly new operating system that 
integrates both VDE functions and other operating system 
functions. 

Indeed, there are... Because security 

may be better/more effectively enforced with the assistance of 
hardware securitv features such as those provided by SPU 500 
(and because of other factors such as 'increased performance 



provided by special purpose circuitry within SPU 500), at least 

one SPE 503 is preferred for many or most higher.. .as keyboard 612, display 614, other 
devices such as a "mouse' pomiting device and speech recognizer 
613, modem 618, printer 622, and an adapter for network 672. 

Kernel 680 mav also be responsible for initialiv loading the 
remainder of ROS 602, and may manage the various ROS tasks 

(and associated underlying 680. It receives and 

routes "calls" from/to API 682, HPE 655 and SPE 503, for 
example. 

Object switch 734 may manage construction, 
deconstruction and other manipulation of VDE objects 300. 

User NotificatiorvException Interface 686 in the preferred 
embodiment (which may be considered part of API 682 or 
another application coupled... functions 604 may be passed 
directly without translation by redirector 684. 

Referring again to Figure 10, ROS 620 may also include an 
'interceptor" 692 that transmits and/or receives one or more real 
time data feeds 694 (this may be provided over cable(s) 628 for 
example), and routes one or.. .that must be present in a control 
structure to establish creditworthiness, audit processes which 
must be performed by the licensee, etc.). As another example, a 
distributor may give one user more favorable pricing than 
another user bv deliverL'rg different data elements defining 
pricing to different users. This attribute of supporting multiple 
party securely, independently deliverable control information is 
fundamental to enablinu electronic commerce, that is. defining of 
a content and,, 'or appliance control infor-manon set that 

represents the requirements of independent 

parties such as content creators, other content providers, 
financial service providers, and/or users. 

In the preferred embodiment, ROS 602 assembles securely 
independently deliverable elements into a component assembly 
690 based in part on context parameters (e.g., object, user). 

Thus, for example, ROS 602 may securely assemble different... price element intended 

by the VDE content distributor, then the person could establish a 

price of zero instead ofthe price the content distributor 'intended 

to charge. Similarly, if the element establishes an electronic 

credit card, then an abilitv to substitute a different element 

could have disastrous consequences 'in terms of allowing a person 

to charge her usage to someone else's (or a non-existent) credit 



card. These are merely a few simple examples demonstrating 
the importance of ROS 602...690. 

The PERC 808 may reference one or more method 'cores' 

1000'. A method core 1000' mav define a basic 'method" 1000 

(e.g., 'control,' " billing,' "metering," etc.) 

In the preferred embodiment, a 'method" 1000 is a 

collection of basic instructions, and information related to basic 

instructions, that provides context, data... provides an array of configuration options using 
existing 

operating system components. ROS 602 also communicates with 
external services through the RPC 'interface to seamlessly 
'de distributed and/or remote processing. In smaller scale 
prov-1 

instances of ROS 602, a simpler message passing IPC protocol 

may be used to conserve resources... ROI-SVC-IOCTL (long service.id, 

long subservice-id. 

int command. BYTE *buffer) 
This IOCTL function provides a generalized control 
interface for a RSI. A user specifies the ser@4ce id parameter 
and an optional subservice-id parameter that they wish to 
control. They specify the control command parameter(s), and.. .the 
preferred embodiment follows a simple block based standard. In 
the preferred embodiment, an SPE RSI 736a may be modeled 
after the packet interfaces for network Ethernet cards. This 
- 308 - 60C 

(Cog acIS aplslno sassamad jo A&aT & jo jMod aq; moij) pa2uuum 
XTuuui@id St 'aal-el passn3sr m s.. .level information about a VDE 
object 300, including mapping the object into a preexisting OS's 
name space. This permits seamless access to VDE protected 
content using "normal' file system 687 access techniques 
provided by a pree'.lcisting operating system. 

in the intecrration scenarios discussed above, each 
preexisting tanzet OS File. ..as 

part of API service manager 742. Notification services manager 
740 in the preferred embodiment provides notification support to 
dispatch specific notifications to an appropriate user process via 
the appropriate A-PI return, or by another path. This mechanism 
permits notifications to be routed to any authorized process-not 
just back to a process that specified a notification mechanism. 
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API. . .communications . 
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There are several important examples of the use of 

Externall Services Manager 772. Some VDE objects may have 

some or all of their content stored at an Object Repository 728 on 

an electronic appliance 600 other than the one operated by a user 

who has, or wishes to obtain 600 where the 

VDE objects desired (or their content) is stored. In addition, file 

system 687 mav he a network file system (e.g., Netware, 

LANtastic, NFS. etc. I that allows access to VDE content tags, host ID to URL 

conversion (e.g., using 

Name Services Manager 752) and an HTTP-aware instance of 
Services Transport Laver 786. 

In other examples, External Services Manager 772 may be 
used to locate, connect to, and utilize remote event processing 
services; smart agent execution services (both to provide... preferred 
embodiment: an object definition stage 1220, and an object 
creation stage 1230. The role of object submittal manager 774 is 
indicated by the two different "user input' depictions (774(1), 
774(2)) shown 'in Figure 12 A. 

In one of its roles or instances, object submittal manager 

7 7 4 provides a to be created. This user 

interface 774a mav, for example, allow the user to specify that 
she wants to create an ob'ect. allow the user to designate the 
J 

content the object will contain, and allow the user to specify 
certain other aspects of the information to be contained within 
the object (e.g., rules and control information, identifying 
information, etc.). 

Part of the object definition task 1220 in the preferred 
embodiment may be to analyze the content or other information 
to be placed within an object. Object definition user interface 
774a may issue calls to object switch 734 to analyze "content" or 
-330 

other information that is to be included within the object to be 
created in order to define or organize the content into "atomic 
elements' specified by the user. As explained elsewhere herein, 
such 'atomic element" organizations might, for example, break 
up the content into paragraphs, pages or other subdivisions 
specified by the user, and might be explicit (e.g., inserting a 
control character between each 'atomic element') or implicit. 

Object switch 734 may way of time independent stream interface 762 and real time 

stream inter-face 4-60). and is capable of accessing and retrieving 



stored content or other Information stored within file system 687. 
The result of object definition 1240 may be an object 

config-uration FLIe 1240 specifying certami parameters relating to. ..764 within object 
switch 7 34. Container 

manager 734 is responsible for constructing an object 300 based 
on the object configuration file 1240 and further user input. The 
user may imeract "Ith the object construction 1230 through 
another instance 774i 2,@ of ob.ect submittal manager 774. In this 
further user 'interaction provided by object submittal manager 

774, the user may specify permissions form to the object switch for incorporation 

into the object. Such information provided by SPE 503 may 
-332 

include, in addition to encrypted content or other information, 
one or more PERCs 808, one or more method cores 1000', one or 

more load modules 1100, one or more data structures such as format' 

Ject content ion as 

specified by object configuration file 1240. Container manager 
7 64 mav then insert into the container 302 the content or other 
information (as encrypted bv SPE 503) to be M'cluded in the new 
object. Container manager 764 mav also L'nser-t appropriate 

permissions, rules appropriate information within secure 

database 610. 
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Communications Subsystem 776 

Communications subsystem 776, as discussed above, may 
be a conventional communications service that provides a 
network manager 780 and a mail gateway manager 782. Mail 
filters 784 may be provided to automatically route objects 300 
and other VDE information to/from the outside world. 

Communications subsystem 776 may support a real time content 
feed 684 from a cable, satellite or other telecommunications link. 

Secure ProceBsing Environment 503 

As discussed above in connection with Figure 12, each 

electronic appilance ...residing in SPU ROM 532a and/or EEPROM 532b. The Figure 
14B example of an INVRAM 534b memory map shows the task 
manager 576 and other information loaded into NVRAM. 

One of the functions performed by kernel/dispatcher 552 is 

to receive RPC calls from ROS RPC manager 732. As explained... 2uTs T4onS -sa- 
imoruas loxmoo xaTduaoz) 
6OZ60/86 OM 

"channel" task, a "control' task, an 'event" task, a "meter" task, a 



'budget' task, and a 'billing' task. Depending on the size of SPU 

RAM 532, 'swap blocks' may be swapped out of RAM and stored 

temporarily on secondary storage 652 until... imposes a potentially indeterminate 

delay into a typically time critical process, may limit SPE 503 

throughput, and maymicrease overhead. 

This issue notw-ithstanding, there are other significant 
processing issues related to building single-threaded versions of 
SPE 503 that may limit its usefulness or capabilities under some 
circumstances. For example, multiple... 
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Summary of the Invention: 

...0002] This invention relates to a content providing and 
obtaining system, and is applicable, for example, to a data provide 
system for providing data on various distribution information such 
as various content data and the advertisement, of music, motion 
pictures, etc. (hereinafter, this is referred to as distribution 
data) to a customer by means of the Internet. 

[. . . 



.0004] In recent years, the Internet being a computer 



communication network that it had been used in many institutes or 
the like for research and study in the world scale, has been quickly 
popularized also among companies and customers as a computer 
communication tool, by a use in business such as sale for merchandise, 
distribution of content data, and advertisement of a 
company and merchandise... 

...0005] By using the Internet in business, the customer can buy 
desired merchandise and can obtain desired content data by a 
personal computer for instance, while staying at home. At the same 

time, 

the customer can obtain various distribution data such as the 
advertisement of a company and merchandise by the personal computer... 

...0006] In the distribution of content data on the 

Internet, the transmission efficiency of the content data 
can be improved by transmitting compressively-coded content 
data to a customer's personal computer 

Description of the Invention: 

...0083] (1) Usage Pattern of Internet by Data Providing System 



...0084] As shown in FIG. 1, in a data providing system 1, 
communication 

can be performed on the Internet (not shown) between a system 
management site 2 that integrally manages the above data providing 
system 

and the customer 3, between the system management site... 

...company 5 that sells merchandise described later to these agencies 4A 
to 

4N, and between the system management site 2 and a site for providing 
distribution data 6 established by an advertiser /company 
(hereinafter, this is referred to as advertiser /company site) , 
respectively. . . 

...shown in FIGS. 1 and 2, the agencies 4A to 4N are rental shops that 
sell 

and rent the content (composed of audio data, video data, text 
data, etc.) of music, a motion picture, game software, a novel, a 
photograph, a comic, etc., as commercial packaged media such as a 
compact 

. . . 4N that recorded the content data via the system management site 2 

by 

a communication function provided inside, and can execute processing 
for 

purchasing/renting content data (including accounting. . . 

...0097] Therefore, when the customer 3 newly requests to purchase/rent 
content data by the portable dedicated terminal 7A-7N in rental, 
the agency 4A-4N can transmit the requested content data to 
the portable dedicated terminal 7A-7N in rental via the system 

management 

site 2, and the content data can be recorded therein. Thus, 

content data can be easily distributed on the 

Internet also to a customer 3 who does not own a device 



connectable to the Internet (hereinafter, this is referred to as 

device for connecting to the Internet) such as a personal 

computer, similarly to a customer 3 who owns a device for connecting 

to 

the Internet. 



. . .data sent from the portable dedicated terminal 7A-7N and the request 
terminal, to the agency 4A-4N. Thus, the contents of that request are 
added to the customer registration information in the customer 
database 8 as additional customer information, and the above customer 
registration information is updated. Thereby, customer's... 

. . .management site 2 retrieves data in the advertiser /company database 
10 

based on his/her customer registration information, selects 
advertisers 

and companies that can provide distribution data matching his/her 
taste, and introduces the above selected advertisers and companies to 
the 

customer 3 via the portable dedicated terminal 7A-7N. . . 

...to change the color of the case body), the agency 4A-4N moves all 
data 

in the portable dedicated terminal 7A-7N rented by the customer 3 
(that is, the content data, the desired distribution data provided 
from the advertiser, etc.) into the other portable dedicated 
terminal 7A-7N in the color specified by the customer 3, and 
changes them. . . 

...0113] On the other hand, if extending the rental term of the 
content data is replied from the portable dedicated terminal 7A-7N 
being rented to the customer 3 via the system management site 2, the 
agency 4A-4N monitors the end of that extended rental term of the 

above 

content data. . . 

...0114] Although the rental term of the content data has expired, 

if the customer 3 does not bring that portable dedicated terminal 7A- 
7N, 

for instance, the agency 4A-4N sends an erasing. . . 
...of the packaged media read from the customer database 8 at the system 
management site 2. It is because the purchase/rental price for the 
content data being occupied by the customer 3 being the same as 
the content data stored in the packaged media has been already 
paid. Then, the agency 4A-4N hands the packaged media to the customer 

3 

at the shop or delivers it by the delivery company 9 from 
the sales company 5... 

...0118] In this manner, the agency 4A-4N makes the exchange value of 
the 

content data being occupied by the customer for the packaged media 
to be almost equal, and exchanges the content data for the above 
packaged media (hereinafter, this exchange is referred to as 
equivalent 



exchange) . Thereby, wasting the content data purchased/rented by 
the portable dedicated terminal 7A-7N when that portable dedicated 
terminal 7A-7N is returned can be prevented, and the packaged media 
can 

be provided by a minimum investment without making the customer 3 
wastefully invest in both of the content data and the packaged 
media. . . 

...0119] In this connection, the system management site 2 collects 
charges for the use of the Internet from the customer 3 
every time when the customer 3 uses the Internet (that is, every 
time when the customer 3 purchases/rents content data and the 
portable dedicated terminal 7A-7N) . The system management site 2, 
however, issues a point to give a privilege such as a discount... 

...0120] At the agency 4A-4N, the customer 3 can use the obtaining 
point 

for electronical accounting instead of a part or all of the 
payment, when in purchasing/renting content data and a 
portable dedicated terminal 7A-7N, and when in exchanging content 
data for packaged media, etc... 

...0121] Furthermore, the agency 4A-4N can accept also payment by 

cash and a prepaid card at the shop, instead of electronical 
accounting, 

when the customer 3 purchases/rents a portable dedicated terminal 7A- 
7N, 

or exchanges content data for packaged media, or the like... 

...0124] As shown in FIG. 3, the customer 3 who purchased the portable 
dedicated terminal 7A-7N can purchase/rent desired content data 
only from the agency 4A-4N that sold the portable dedicated terminal 
7A-7N, by the above portable dedicated terminal 7A-7N via the 
Internet, and can obtain desired distribution data by 
contracting to an advertiser and/or a company similarly to the case 
described above with reference to FIG. 2... 

...0136] In this manner, the data providing server 51 can 

prepare the customer the portable dedicated terminal 53 storing 
the content data according to the customer's request for purchase 
and rental. Thus, the portable dedicated terminal 53 can be sold and 
rented to the customer by... 

...0140] In this manner, the data providing server 51 enables the 
customer 

to easily use content distribution on the Internet, 

and freely obtain desired content data by the portable dedicated 

terminal 53 . . . 

...data providing server 51 customizes the content selecting screen 
based 

on the screen customizing data every time when obtaining request data 

is 

sent from the customer requesting the customizing of the content 
selecting screen by the portable dedicated terminal 53. The customer 
can 

select content data on thus customized screen... 



...equivalent exchange request data and the detected result by the 
updating 

part 60 by a package retrieving part 64. Thereby, the obtaining price 

of 

the content data occupied by the customer, and the selling price 
and the title of packaged media storing the above content data are 
detected as the target of the equivalent exchange... 

...0157] The data providing server 51 computes a balance between thus 
detected obtaining price of the content data occupied by the 
customer and the selling price of the packaged media by the package 
retrieving part 64, and transmits the above computed balance from 
the sending part 61 to the customer's portable dedicated terminal 53 

as 

retrieval result information, with these obtaining price of the 
content data and the selling price and the title of the packaged 
media. . . 

...of the content data stored in the packaged media by the purchase or 
the 

rental via the portable dedicated terminal 53. Thus, if exchange 
acceptance data to accept the equivalent exchange is sent from the 
portable dedicated terminal 53 sold/rented to the customer, the 
data providing server 51 electronically performs 
accounting only for the balance between the obtaining price 
of the content data occupied by the customer and the selling price 
of the packaged media. Then, the packaged media is delivered to the 
above 

customer directly or by. . . 

...such as discount to the customer according to the using state by a 
point 

issuing part not shown, every time when the customer uses the 
Internet by the request terminal 52 and/or the portable dedicated 
terminal 53. The above issued point is transmitted to the customer 
database 55, sequentially added to the customer registration 
information, 

and the above customer registration information is updated by the 
updating part 60... on the equivalent exchange is sent from the data 
providing server 51, the portable dedicated terminal 53 receives this 

by 

the receiving part 80, and transmits this to the reproducing part 
85 to display the obtaining price of the content data that the 
customer occupies by purchase or rental, the selling price and the 
title 

of packaged media, and the difference between these prices based... 

...content data that the customer occupies and the selling price of the 

packaged media is performed by a method that the customer specified 
(that 

is, payment by money or points) . Therefore, the customer can 
obtain the packaged media by a minimum investment... 



..0190] In this connection, if confirmation screen data for 
content data that the rental term is near expiration is sent from 



the data providing server 51, the portable dedicated terminal 53 
receives 

this by the receiving part 80, and transmits this to the 
reproducing part 85 to display a confirmation screen based on that 
confirmation screen data, and notifying the customer of that the 
rental 

term of the content data will expire by the above confirmation 
screen . . . 

...0193] According to the above configuration, in this data providing 
system 50, the data providing server 51 records content data 
specified by the customer in a portable dedicated terminal 53 only for 

an 

agency that the customer specified according to reservation data sent 
from. . . 

...0194] Then, if the customer sends content specifying data from 

the portable dedicated terminal 53, the data providing server 51 reads 
content data from the content database 56 according to the 
content specifying data, and sends the above read content 
data to that portable dedicated terminal 53 for recording. . . 

...is requested from the customer by the portable dedicated terminal 53, 

the data providing server 51 provides the packaged media to the 
customer 

by the payment of the difference between the obtaining price of 

the content data occupied by the customer and the selling price of the 

packaged media. . . 

...0198] Accordingly, in this data providing system 50, even if the 
customer does not have a device for accessing the Internet, by 
previously reserving the purchase or the rental of a portable 

dedicated 

terminal 53 that can record and reproduce content data by a 
request terminal 52 installed in a KIOSK or the like, the customer can 
obtain content data distributed to the portable dedicated 
terminal 53 after the customer received the reserved portable 
dedicated 

terminal 53 . . . 

. . .the portable dedicated terminal 53 only for an agency by purchase 
and/ or 

rental. Therefore, agencies can easily get customers who use not only 
the 

Internet but also the agencies, and also can easily use and can 
participate in the Internet. 

[. . . 

. . .According to the above configuration, in the data providing server 
51, 

the portable dedicated terminal 53 only for an agency that can record 
and 

reproduce content data is sold or rented to the customer according 
to reservation data sent from the request terminal 52. Content 
data is distributed according to content specifying data 
sent from the sold/rented portable dedicated terminal 53, and is 
recorded 



in the portable dedicated terminal 53. An advertiser and/or a... 

...selected based on customer registration information according to 

customer's permission sent from that portable dedicated terminal 53, 
and 

is introduced to the customer. A content selecting screen is 
customized according to a customizing request sent from the above 
portable dedicated terminal 53, and is provided to the portable 
dedicated 

terminal 53 . And the exchange values of the content data occupied 
by the customer by distribution and packaged media storing the 
same content data are equal, and they are equivalently exchanged 
according to an equivalent exchange request sent from the portable 
dedicated terminal 53. Thereby, a customer who does not have a device 
for 

accessing the Internet can easily use this system while 
sufficiently enjoying the convenience of the Internet. By the 
portable dedicated terminal 53 only for an agency that uses the 
Internet, 

this system can easily get customers. Thus, a data providing system... 

...terminal that the customer 3 had been used) and a settlement 
processing 

server 104 are connected to the above data providing server 101 on the 
Internet 105, respectively... 

...0208] If customer reservation information to reserve content 

data by rental (hereinafter, specially this is referred to as rental 
reservation request data) is sent as reservation request data, from 

the 

request terminal 103 via the Internet 105 by operation by the 
customer who wants to rent the content data, the data providing 
server 101 receives this by a receiving part 115, converts the above 
received rental reservation request data into recording control data 

by 

an accounting part 116, and transmits this to a recording control 
part 117. . . 

...data including dedicated terminal identification information 

(hereinafter, this is referred to as dedicated terminal ID) peculiar 

to 

the portable dedicated terminal 102 for recording the content data 
that the customer requested to rent by the recording control part 117, 
and transmits this to the request terminal 103 from a sending part 
118 via the Internet 105 to notify the customer of that the rental 
reservation of the desired content data has been accepted. . . 

...0210] The data providing server 101 reads the content data that 
the customer requested to rent from the content database 111 
according to the recording control data by the recording control part 
117, and sends this to the portable dedicated terminal 102 having 

the. . . 

...a customer ID, a password, the title of content data Dl of which the 
rental is requested, a rental term, a paying method of rental 
charges (payment by cash or prepaid card at shop, 
payment by prepaid card by request terminal, payment by 
credit . . . 



...D2 from the request terminal 103 by the receiving part 115, the data 
providing server 101 extracts information on the paying method of the 
rental charge (hereinafter, this is referred to as payment 
data) from the rental reservation request data D2 by the accounting 

part 
116. . . 

...0215] If payment specified by the payment information is 

credit, the data providing server 101 reads the customer registration 
information on the customer who requested to rent the content data Dl 
from. . . 

...Ill based on the customer ID included in the rental reservation 
request 

data D2 by the accounting part 116, retrieves a data table in the 
content database 111 based on the title of the content data Dl 
included in the above rental reservation request data D2, and reads 
the 

additional information... 

...0216] The data providing server 101 executes accounting by the 
accounting part 116, based on the rental charge for the 
portable dedicated terminal 102 and an account number in the dealing 

bank 

of the agency previously stored in the contents database 111, the 
rental reservation request data D2, the customer registration 
information, and the additional information on the content data Dl . 
Thereby, the data providing server 101 generates accounting 
information representing the amount of charge according to 
the rental term of the content data Dl to the customer, the 
account numbers of the agency and the customer, etc., and sends this 
from 

the sending part 118 to the settlement processing server 104 via 
the Internet 105 .. . 

...by the request terminal 103 is specified by the rental reservation 

request data D2 from the request terminal 103, the data providing 
server 

101 executes accounting according to the rental charges for 
the portable dedicated terminal 102, the rental reservation request 
data 

D2, and the additional information on the content data Dl, by the 

accounting part 116. The data providing server 101 computes 

the amount of charges to the customer according to the rental term 

of the content data Dl, and sends information on the above computed 

amount of charges as accounting data from the sending part 

118 to the request terminal 103 via the Internet 105... 

...0225] If the data providing server 101 receives payment 

-by-prepaid completion data from the request terminal 103 by the 
receiving part 115 by that the payment by a prepaid card has 
completed based on the accounting data, the data providing 
server 101 generates recording control data D3 by adding the 
agency ID to the rental reservation request data D2 storing 

information 

representing that the payment by the prepaid card has completed by 



the request terminal 103, instead of the customer's account number by 

an 

accounting part 116, and transmits... 

...0226] Then, if the data providing server 101 transmits 
the recording control data D3 from the accounting part 116 
to the recording control part 117, the data providing 
server 101 sends rental reservation acceptance data from 
the sending part 118 to the request terminal 103 by the recording 

control 

part 117 similarly to the above. At the same time, the data providing 
server 101 generates header data D4 based on that recording control 
data D3, and records this in the portable dedicated terminal 102 
with the content data Dl . . . 

...0227] Furthermore, if payment by cash or a prepaid card at the 
shop is specified by the rental reservation request data D2 sent 
from the request terminal 103, the data providing server 
101 generates recording control data D3 by adding the agency ID to 
the rental reservation request data D2 storing 
information representing that the payment by cash or a 
prepaid card at the shop has completed instead of the customer's 

account 

number by the accounting part 116, and sends... 

...0229] In this connection, in the data providing server 101, a slot 
for 

a prepaid card is provided on the accounting part 116. When the 
payment by a prepaid card at the shop is specified, an amount of 
charge to the customer according to the rental term of the content 
data Dl is computed by the accounting part 116. And if the 
customer inserts his/her prepaid card into the slot when the customer 
came to receive the portable dedicated terminal 102, the rental 
charges is settled by the prepaid card... 

. . .that, the above data providing server 101 also can be used in the 
case 

where the customer came to the shop and requested to rent content 
data Dl . In this case, a clerk in the shop inputs rental information 
having the same contents as the rental reservation request data D2 
described above with reference to FIG. 6 via an operational 
information 

input part. The above entered rental information is transmitted to 
the accounting part 116. Thereby, the content data Dl is recorded 
in the portable dedicated terminal 102 similarly to the aforementioned 
rental reservation by the request terminal 103... 

...0232] If rental reservation acceptance data is sent from the data 
providing server 101 via the Internet 105, the request terminal 
103 receives this by a receiving part 124, and transmits this from 
a discriminating part 125 to a display part 126. Thus, completion of 

the 

acceptance of the rental reservation of the desired content data 
requested by the customer is notified to the customer, with the 
dedicated 

terminal ID of the portable dedicated terminal 102 that will be rented 
with the above content data Dl . . . 



...0233] In this connection, in the request terminal 103, an accounting 
part 127 having a slot for a prepaid card is provided. If payment 
by a prepaid card by the request terminal 103 is specified by the 
customer via the operational information input part 120, the 

operational 

information discriminating. . . 

...0234] The request terminal 103 receives account data transmitted 

by sending the rental reservation request data D2 to the data 
providing 

server 101 by the receiving part 124, discriminates this by the 
discriminating part 125, and transmits this to the accounting part 
127. . . 

...0235] If a customer's prepaid card is inserted into the slot of the 
accounting part 127, the request terminal 103 settles the rental 
charges to the customer by the prepaid card based on the account 
data by the accounting part 127. And then, the request terminal 103 
generates payment-by-prepaid completion data, and sends this from 
the sending part 123 to the data providing server 101 via the Internet 
105... 

. . .reservation processing procedure by the data providing server 101 and 
the request terminal 103 in the data providing system 100 will be 
described except for payment for rental charges (that is, 
accounting) . As shown in FIG. 7A, the request terminal 103 enters 

routine 

RT1 from the start step and proceeds to step SP1...0239] In step 
SP12, 

the data providing server 101 generates recording control 
data D3 by the accounting part 116 by means of the rental 
reservation request data D2, and proceeds to the next step SP13... 

...0242] In step SP4, the request terminal 103 transmits that 

rental reservation acceptance data to the display part 126 to display 

it 

thereon, and notifies the customer of completion of the acceptance of 
the 

rental reservation of the content data Dl with the dedicated 
terminal ID of the portable dedicated terminal 102 that will be rented 
with the above content data Dl, and it proceeds to the next step 
SP5 to finish the processing in the above request terminal 103... 

...customer can make a reservation for the rental of the content data Dl 
without waiting in front of the portable dedicated terminal 102 while 

the 

content data Dl is being recorded in the portable dedicated 
terminal 102 .. . 

...0248] In this connection, that when in using the distribution of 
content data Dl on the Internet 105, it has been already 
described. However, also knowledge of the Internet 105 is 
necessary. Therefore, sometimes, a person who does not have knowledge 

of 

the Internet 105 is hard to easily receive the distribution 
of the content data Dl . . . 



..0252] In the aforementioned second embodiment, it has dealt with the 
case where content data Dl that the customer requested to rent is 



recorded in the portable dedicated terminal 102 dedicated to the 
agency. 

However, this invention is not only limited to this but also 

content data Dl that the customer requested to rent or purchase 

may be recorded in a portable recording and reproducing device such as 

a 

portable telephone... 

. . .by the receiving part 115 is provided. If the receiving part 115 

receives rental reservation request data D2 from the request terminal 
103 

on the Internet 105, the data providing server 151 

transmits this from the receiving data judging part 155 to an 

accounting part 156... 



..0260] If that the content data Dl has been stored in the 
content database 153 is confirmed by the accounting part 156, the 
data providing server 151 successively transmits recording 
control data D3 to a recording control part 157 from the 
accounting part 156... 



.and 9, if that the content data Dl requested by the customer has not 
been stored in the content database 153 is confirmed by the 
accounting part 156, the data providing server 151 
generates recording control data D3 by using the rental 
reservation request data D2 similarly to the accounting 
part 116 of the data providing server 101 (FIG. 5) 

according to the second embodiment described above with reference to 

FIGS. 5 and 6 (it also executes accounting) by the 

accounting part 156. Although, the data providing 

server 151 transmits the recording control data D3 from the 

sending part 118 to the content server 152 via the Internet 105 as 

content obtaining request data. 



...0263] As a result, if the requested content data Dl is sent from 
the content server 152 via the Internet 105 with the 
content obtaining request data, the data providing server 151 
receives them by the receiving part 115, takes them in the receiving 

data 

judging part 155, and transmits them to the recording control part 
157. . . 

...0265] In this manner, even if the rental of the content data Dl 
that has not been stored in the content database 153 is requested, 
the data providing server 151 can rent the content 
data Dl to the customer by obtaining this from the content 
server 152 .. . 

...0269] If content information including a content ID to newly 
store the content data Dl is entered to the content 

database 153 via the operational information input part 119, the data 
providing server 151 transmits this from the operational 
information judging part 158 to a request data generating part 159 to 
generate content request data according to the content 
information, and sends this from the sending part 118 to the 



content server 152 via the Internet 105... 

...0270] If the desired content data Dl and its additional 
information are sent from the content server 152, the data 
providing server 151 receives this by the receiving part 115, and 
transmits them from the receiving data judging part 155 to the 
recording control part 157 to store them in the content database 
153 by the above recording control part 157... 

...0272] On the other hand, if the content obtaining request data 
is sent from the data providing server 151 via the Internet 105, 
the content server 152 (FIG. 8) receives this by a receiving part 
160, extracts the content ID from that content obtaining 
request data by a content ID extracting part 161, and 
transmits this to a content retrieving part 162 as well as 
transmitting the above content obtaining request data to a 
sending data generating part 164... 

...0273] The content server 152 retrieves data in the content 
database 154 based on that content ID by the content retrieval 
part 162, reads the corresponding content data Dl, and 
transmits this to the sending data generating part 164. At the 
same time, the content server 152 adds the content 
obtaining request data to that content data Dl by the above 
sending data generating part 164, and sends them from a sending part 

165 

to the data providing server 151 via the Internet 105... 

...0274] Furthermore, if the content request data is sent from the 
data providing server via the Internet 105, the content 
server 152 receives this by the receiving part 160, extracts the 
content ID from that content request data by the 
content ID extracting part 161, and transmits this to the 
content retrieval part 162... 

...0277] Here, rental reservation processing procedures by the data 
providing server 151, the request terminal 103 and the content 
server 152 in the data providing system 150 will be 
described except for the payment of rental charges (i.e. 
accounting) . As shown in FIG. 10A, first, the request terminal 103 
enters routine RT1 from the start step, and executes similar 

processing 

to the case described. . . 

. . .the data providing server 151 enters routine RT3 from the start step 
and 

sequentially executes the processing at steps SP11 and SP12. And then, 
the data providing server 151 proceeds to step SP21 to 
retrieve a data table in the content database 153 by the 
accounting part 156 and judging whether or not it is necessary to 
obtain the content data Dl that the customer requested to 
rent from the content server 152... 

...0279] Obtaining an affirmative result in this step SP21 means that 
the 

content data Dl has not been stored in the content database 
153 in the data providing server 151. At this time, the 



data providing server 151 proceeds to step SP22 to send the 
recording control data D3 generated by the accounting part 

156 as content obtaining request data from the sending part 118 to 
the content server 152 via the Internet 105, and it proceeds to 
step SP23 . . . 

...0284] In step SP24, the data providing server 151 transmits the 
received content data Dl and content obtaining request data 
from the receiving data judging part 155 to the recording control part 
157, and generates rental reservation acceptance data by the receiving 
data judging part 155, and sends this from the sending part 118 to the 
request terminal 103 via the Internet 105. Successively, the data 
providing server 151 sequentially executes the processing at steps 

SP14 

and SP15. And then, the data providing server 151 proceeds to... 

...0285] In this connection, obtaining a negative result in the 
aforementioned step SP21 means that the content data Dl that the 
customer requested to rent has been stored in the content database 
153 in the data providing server 151. At this time, the 
data providing server 151 proceeds to step SP24 to generate 
rental reservation acceptance data by the recording control part 

157 that received the recording control data D3 from the 
accounting part 156, and sends this from the sending part 118 to 
the request terminal 103 via the Internet 105, and then, the data 
providing server 151 proceeds to step SP14... 

...0287] In this data providing system 150, if the data providing 
server 151 receives the rental reservation request data D2 
from the request terminal 103 by the customer's operation, the 
data providing server 151 judges whether or not the content 
data Dl that the customer requested to rent has been stored 
in the content database 153 in the data providing server 
151. If the content data Dl has not been stored, the 
data providing server 151 obtains the content data 
Dl from the content server 152, and records this in the portable 
dedicated terminal 102 that will be rented to the customer... 

...in the content database 153, the data providing server 151 obtains 
the 

content data Dl from the content server 152 and rents this to the 
customer. Thereby, in addition to the effects obtained by the 
aforementioned second embodiment, the scale of the content 
database 153 in the data providing server 151 can be largely reduced. 
And 

even if the scale of the... 

...in the case where the customer contracts with an advertiser /company 
are 

as FIG. 14: "The advertiser /company pays a part of customer's 
communication charges.", "The advertiser /company discounts the 
purchase of merchandise etc. by the customer.", "The customer can use 
the 

point of Internet mileage that the customer got in payment for the 
purchase of merchandise etc.", "The advertiser /company gives a present 

to 



the customer according to the point of the Internet mileage that 
the. . . 



. . .by the customer information updating part 215, and sends this from 
the 

sending part 214 to the customer's portable dedicated terminal 202 via 
the Internet 204 for storing. . . 

...0308] At this time, as shown in FIG. 13B, the intermediate 
server 201 adds the customer ID to the customer 
information by the customer information updating part 215, and 
stores them in the customer database 210 as customer 
registration information to register the customer. In this manner, 
the intermediate server 201 accepts a registration request from a 
customer at any time, and executes the customer 
registration processing. . . 

...it adds this to the contents of the content specifying data as 

additional customer information, and updates them. Then, the 
intermediate 

server 201 sends the content specifying data from the sending part 
214 to the agency via the Internet 204... 

...0311] In this manner, the intermediate server 201 relays content 
data from the portable dedicated terminal 202 to the agency every time 
when the customer uses the agency on the Internet 204, so that as 
shown in FIG. 15, the intermediate server 201 adds accessed genre 
information representing the genre of the content data that the... 

...0323] If the advertiser and/or company introducing information is 
generated, the matching part 216 temporarily stores the 
customer registration information and the customer's taste 
information that were used to generate that, in the advertiser /company 
information extracting part 223... 

...0325] Thereby, the intermediate server 201 shown in FIG. 11 can 

introduce the advertiser and/or company that can provide distribution 

data useful for the customer, to the customer who requested 

the introduction of advertisers and/or companies. At the same time, 

the 

intermediate server 201 can introduce the customer who 
needs their providing of distribution data to the 
advertisers/companies 



...server 201 receives this by the receiving part 212, forbids the 
matching 

part 216 to generate customer introducing information, and awaits 
sending 

of approval-by-customer data from the portable dedicated 
terminal 202 of the above customer again... 

...0327] Note that, when the intermediate server 201 introduces the 
customer to an advertiser and/or a company, it collects 
charges for the introduction of the customer from the 
advertiser and/or company... 



...contract should be concluded with the customer introduced from the 
intermediate server 201, by referring to the contract terms and the 
using 

state of the Internet or the like, by the customer selecting part 
237 based on the customer introducing data. . . 

...0340] At this time, the advertiser/company server 203 notifies the 
sending control part 231 of that to contract with the customer was 
decided, by the customer selecting part 237. Thereby, the 
advertiser/company server 203 properly selects and reads 
distribution data matching with the customer's taste from 
among various distribution data previously stored in the 
distribution information database 236, and sends thus read 
distribution data from the sending part 232 to the customer's 
portable dedicated terminal 202 via the Internet 204, by the 
sending control part 231... 

...0341] In this manner, the advertiser /company server 203 can properly 
provide distribution data matching with the customer's taste to 
the contracting customer... 

. . .registration request data by a request data generating part 241, and 
sends this from a sending part 242 to the intermediate server 201 via 

the 

Internet 204 .. . 

...0344] The portable dedicated terminal 202 receives customer 
registering 

screen data sent from the intermediate server 201 by a receiving part 
243 

via the Internet 204, and transmits this to a reproducing 
part 244 composed of a display control part, a display part, a 
speaker, 

etc. Thereby, a customer registering screen based on... 

...0352] As a result, if advertiser /company introducing data is sent 
from 

the intermediate server 201 via the Internet 204, the portable 
dedicated terminal 202 receives this by the receiving part 243, and 
transmits this to the reproducing part 244. An advertiser and/or 
company to be introduced from the intermediate server 201 is shown to 
the 

customer by . . . 

...0354] As a result, if contract conclusion data is sent from the 
intermediate server 201 via the Internet 204 by that the 
advertiser or the company contracted with the customer, the portable 
dedicated terminal 202 receives this by the receiving part 243, and 
transmits this to the reproducing part 244. Thereby, the 
conclusion of the contract with the advertiser /company is notified to 

the 

customer . . . 

...0355] If the distribution data is sent from the 

advertiser/company server 203 being under contraction with the 
customer, 

the portable dedicated terminal 202 receives this by the receiving... 



...company is entered by the above customer by the operating part 240, 
the 

portable dedicated terminal 202 generates 
selection-of-advertiser-and/or-company disapproval data 
representing that selection disapproval information by the request 
data generating part 241, and sends this from the sending part 242 
to the intermediate server 201 via the Internet 204... 

...0360] Thereby, in the advertiser /company server 202, when the 
content data rented from the agency is erased from the recording 
medium for agency 247 on the expiration of the rental term, that the 

data 

such as the customer ID and the distribution data obtained for the 
customer from the servers are erroneously erased with the above 
content data, can be surely prevented. .. If the portable dedicated 
terminal 202 receives the advertiser and/or company introducing data 

by 

the receiving part 243, in step SP132, the portable dedicated 
terminal 202 transmits this to the reproducing part 244 to show 
the customer the advertiser and/or the company that was introduced 
from the intermediate server 201. Then, the portable dedicated 
terminal 202 returns to step SP127 and repeats the processing of 
steps SP127-SP128-SP129-SP130-SP131-SP132 again. The advertiser and/or 
company introducing processing. . . 

...or not to contract with the customer by the customer selecting part 
237, 

by referring to the contract terms and the using state of the 
Internet 204 based on the customer introducing data. . . 

...0405] In step SP186, the advertiser/company server 203 properly 
reads 

distribution data matching with the taste of the contracting 
customer from the distribution information database 236 by the 
sending control part 231, and sends this from the sending part 232 to 
the 

customer's portable dedicated terminal 202 via the Internet 204. 
Then, the advertiser /company server 203 proceeds to step SP184 to 
finish 

the processing in the advertiser /company server 203... 

...server 201 proceeds to step SP175 to send the contract inconclusion 
data 

from the sending part 214 to the portable dedicated terminal 202 via 
the 

Internet 204 to notify the customer of that a contract with the 
advertiser/company did not conclude. Then, the intermediate server 201 
proceeds to step SP176... 

...0417] According to the above configuration, in this data providing 
system 200, an advertiser or a company that provides distribution 
data to the customer on the Internet 204 is registered by that the 
intermediate server 201 obtains advertiser /company information from 

the 

advertiser/company server 203 of the advertiser /company and stores... 



.0425] In this data providing system 200, if the portable dedicated 



terminal 202 obtains distribution data from the server, it 
records the distribution data in the recording medium for 
customer 246 different from the recording medium for agency 
247 by discriminating this from the content data recorded in the 
recording medium for agency 247. Thereby, when the... 

. . .data is sent to the advertiser /company server 203, it can be 
remarkably 

reduced that the advertiser and/or company abandons the contract with 
the 

customer owing to the contract term. Thus, a probability that the 
contract is concluded between the customer and the advertiser 
and/or company can be improved, and the request of the customer 
that wants to contract with the advertiser and/or company can be 
further 

accurately taken up. . . 

...0433] In this case, the intermediate server 261 registers the 
customer 

who uses the Internet 204 by means of the portable dedicated 
terminal 262 by storing the customer registration information in a 
customer database 265 similarly to the intermediate server 201 
described 

above with reference to FIG. 11, and also registers an 

advertiser/company 

that can provide distribution data to the customer on the 
Internet 204 by means of the advertiser/company server 2 03 by 
storing the advertiser /company registration information in the 

advertiser 

and company database 211... 

...information read from the advertiser and company database 211, and 
sends 

this from the sending part 214 to the portable dedicated terminal 262 
via 

the Internet 204 as advertiser /company introducing data... 

...0439] In this manner, the intermediate server 261 introduces an 
advertiser and/or company that can provide distribution data 
matching with customer's taste to the customer who permitted the 

release 

of the customer information to the advertiser and/or the company. . . 

...0442] As a result, if the customer information input screen data is 
sent from the intermediate server 261 via the Internet 204, the 
portable dedicated terminal 262 receives this by a receiving part 271, 
and transmits this to the reproducing part 244. Thus, a customer 
information input screen based on the customer information input 

screen 

data is displayed ... 0 449 ] In step SP202, the intermediate server 
261 reads customer information input screen data from the 
customer database 265 based on the received customer 
approval data by the customer information updating part 267, and 
sends this from the sending part 214 to the portable dedicated 
terminal 262, and then proceeds to step SP203... 
...0454] In step SP205, the intermediate server 261 generates 
advertiser and/or company introducing data based on the 



advertiser/company registration information read from the 
advertiser and company database 211, and sends this from the sending 
part 

214 to the portable dedicated terminal 262 to introduce the 
advertiser and/or the company to the customer. Then, the 
intermediate server 261 proceeds to step SP206 to finish the 
processing in the intermediate server 261... 

...of the release of the customer information to the advertiser and/or 
company, or even at the time when the customer does not use the 
Internet 204 frequently because the customer just began to use the 
portable dedicated terminal 262, the intermediate server 261 can 
accurately grasp the customer's interest, and can introduce the 
advertiser and/or the company that can provide distribution data 
desired by the customer to the customer... 

. . .However, this invention is not only limited to this but also, 
provided 

that it is a device by which the customer can connect to the 
Internet 204 such as a personal computer, a portable telephone, a 
PDA, the intermediate server 261 can be used by means of various data 
obtaining devices other than that. Thereby, further more customers 
can use the introduction of an advertiser and/or a company by the 
intermediate server 261, and the system... 

...0474] The data providing server 301 can be connected to the portable 
dedicated terminal 303 that was purchased/rented to the customer on 

the 

Internet. If the data providing server 301 obtains request data 

for requesting the obtaining of content data (by purchase or rental) 

is 

sent from the portable... 

...customer enters confirmation information for confirming that the 
content 

selecting screen is customized as he/she requested by the operating 
part 

341, the portable dedicated terminal 303 generates confirmation 
data by the request data generating part 344, and sends this from the 
sending part 345 to the data providing server 301 to store the 
screen customizing information representing the contents of 
customizing 

that the customer requested in the data providing server 
301. . . 

...0504] After the screen customizing data was stored in the data 
providing server 301, the portable dedicated terminal 303 
sends content obtaining request data to the data providing server 301. 
The portable dedicated terminal 303 receives the customized screen 
data from the data providing server 301 by the receiving part 346, and 
transmits this to the reproducing part 343... 0521] Here, in the 
selection confirming screen 355, the title of the content data 
selected by the customer, customer's name, customer ID, password, etc. 
are displayed. The portable dedicated terminal 303 moves the cursor 
according to the customer's operation of the operating part 341, so 

that 

the rental term or purchase of content data can be entered. If the 
rental term or purchase is entered, charges for the 



rental/purchase of the content data are displayed responding to 
that. . . 



...0534] In step SP212, the portable dedicated terminal 303 

generates obtaining request data by the request data generating part 
344 

and sends this from the sending part 345 to the data providing 
server 301, and proceeds to step SP213... 

...0536] In step SP223, the data providing server 301 awaits that 
obtaining request data is sent from the portable dedicated 
terminal 303. If the data providing server 301 receives the 
obtaining request data by the receiving part 312, the data providing 
server 301 proceeds to step SP224 to read the content 

selecting screen data from the content database 311 by the retrieving 
part 315, and sends this from the sending part 314 to the portable 
dedicated terminal 303, and then proceeds to step SP225... 

...0537] At this time, in step SP213, the portable dedicated 
terminal 303 awaits that content selecting screen data is sent 
from the data providing server 301. If the portable dedicated terminal 
303 receives the content selecting screen data by the receiving 
part 346, it transmits the content selecting screen data to 
the reproducing part 343 to display the picture of exterior of shop 

350 

being the content selecting screen, and then proceeds to step 
SP214. . . 

...0538] In step SP214, the portable dedicated terminal 303 starts a 
subroutine described later. If specifying information is entered on 
each 

picture forming the content selecting screen by the customer's 
operation of the operating part 341, the portable dedicated terminal 
303 

proceeds to step SP215... 

...0539] In step SP215, the portable dedicated terminal 303 generates 
content specifying data by the request data generating part 344, 
and sends this from the sending part 345 to the data providing server 
301, and then. . . 

...in step SP225, the data providing server 301 starts a subroutine 
described later. The data providing server 301 properly reads each 
picture data forming the content selecting screen data and 
commercial data from the content database 311 by the retrieving 
part 315, and sends this from the sending part 314 to the portable 
dedicated terminal 303. Then, if the data... 

...0549] In step SP235, the portable dedicated terminal 303 

transmits the received picture data to the reproducing part 343 to 
newly display a picture based on the picture data instead of the 

picture 

of the content selecting screen being displayed at present... 

...of the above steps 

SP231-SP232-SP233-SP23 4-SP235-SP236-SP23 7-SP23 8-SP239. Thereby, the 
portable dedicated terminal 303 can make the customer select desired 



content data by displaying each picture of the content 

selecting screen while properly switching the display while mixing the 
advertisement of a content by the reproducing part 343... 

..step SP236, if the portable dedicated terminal 303 confirms that the 
confirmation button 368 was selectively specified on the selection 
confirming screen 355 of the content selecting screen, it pulls 
out of this subroutine and proceeds to step SP215 of the content 
providing processing procedure in the portable dedicated terminal 303 
described above with reference to FIG. 32A. . . 

..data from the data providing server 301. If the portable dedicated 
terminal 303 receives the customizing registering screen data by the 
receiving part 346, it transmits this to the reproducing part 343 
to display a customizing registering screen based on the customizing 
registering screen data, and proceeds to step SP264 ... content data D21 
that the customer wants to rent, equivalent exchange information 
representing whether or not equivalent exchange had performed, rental 
term, and method of payment for rental charge is included 
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Description of the Drawings: 

...FIG. 53C shows an example of a BILLING method. 



Description of the Invention: 

...the same key is used for encryption and decryption could be used 

in 

place of DES encryption and decryption. The preferred embodiment can 
support a plurality of decryption/encryption techniques using 
multiple dedicated circuits within encrypt /decrypt engine 522 and/or 
the 

processing arrangement within SPU 500... 

. . .An optional compression/decompression engine 546 may be provided 
within 

an SPU 500 to, for example, compress and/or decompress content 
stored in, or released from, VDE objects 300. 
Compress ion /decompress ion 

engine 546 may implement one or more compression algorithms using 
hardware circuitry to improve the... 

...on microprocessor 520, or outside SPU 500. Decompression is important 
in 

the release of data such as video and audio that is usually compressed 
before distribution and whose decompression speed is important. In 
some cases, information that is useful for usage monitoring purposes 
(such as record separators or other delimiters) is... eases network 
management and support... 

. . .processing based on independently deliverable secure components 

...Procedure Call" ("RPC") internal processing request structure. 

Cooperating processors may request interprocess services using a RPC 
mechanism, which is minimally time dependent and can be 
distributed over cooperating processors on a network of hosts. The 
multi-processor architecture provided by ROS 602 is easily extensible 

to 

support any number of host... 

. . .ROS 602 provides distribution of control information, including 

for example the distribution of control structures required to permit 
"agents" to operate in remote environments. Thus, ROS 602 provides 
facilities. . . 

...controlling one or more aspects of usage) may prepare audits for a 
distributor and format requests associated with the usage control for 
processing by a distributor. Processes at either end of a 
reciprocal control may be further controlled by other processes (e.g., 

a 

distributor may be limited by a budget for the number of usage 
control mechanisms they may produce) . Reciprocal control mechanisms 
may 

extend over many sites and many levels (e.g., a creator to a 
distributor to a user) and may take any relationship into account 
(e.g., creator/distributor, distributor/user, user/user, 
user/creator, user /creator /distributor , etc.) Reciprocal control 
mechanisms have many uses in VDE 100 in representing relationships and 
agreements in a distributed environment... 

...scalable. Many portions of ROS 602 control structures and kernel (s) 

are 

easily portable to various host platforms without recompilation . Any 



control structure may be distributed (or redistributed) if 
a granting authority permits this type of activity. The executable 
references within ROS 602 are portable within a target platform. 
Different instances of ROS... 

...or more "method cores," method parameters and other associated data 
structures that ROS 602 may collect and assemble together to perform a 
task such as billing or metering. Different users may have 
different combinations of elements, and some of the elements may be 
customizable by users with appropriate authorization. This 

increases . . . 

...validates its various components. ROS 602 correlates control and data 
structure components to prevent unauthorized use of elements. These 
features permit ROS 602 to independently distribute elements, and 
also allows integration of VDE functions 604 with non-secure "other" 

OS 

functions 606 . . . 

...format such as method options to an end-user. An end-user may then 

customize the actual control information used within guidelines 
provided 

by a distributor or content creator. Modification and 
update of existing control structures is preferably also a 
controllable 

event subject to auditing and control information... 
...be created by "adding on" to existing operating systems. This 
involves 

hooking VDE "add ons" to the host operating system at the device 
driver 

and network interface levels. Alternatively, ROS 602 may comprise 
a wholly new operating system that integrates both VDE functions and 
other operating system f unctions ... as keyboard 612, display 614, other 
devices such as a "mouse" pointing device and speech recognizer 613, 
modem 618, printer 622, and an adapter for network 672. Kernel 680 
may also be responsible for initially loading the remainder of ROS 
602, 

and may manage the various ROS tasks (and associated underlying. . . 

. . .User Notification/Exception Interface 686 in the preferred 
embodiment (which may be considered part of API 682 or another 
application coupled to the API) provides "pop up" windows/displays on 
display 614. This allows ROS 602 to communicate directly with a user 
without having. . . 

...object 300. This application may reference structures provided by 
other 

parties. Such references might, for example, take the form of a 
control 

path that uses content creator structures to meter user 
activities; and structures created/owned by a financial provider to 
handle financial parts of a content distribution 

transaction (e.g., defining a credit budget that must be present in a 
control structure to establish creditworthiness, audit processes which 
must be performed by the licensee, etc.). As another example, a 
distributor may give one user more favorable pricing than another 
user by delivering different data elements defining pricing to 



different users. This attribute of supporting multiple party securely, 
independently deliverable control information is fundamental to 
enabling electronic commerce, that is, defining of a content 
and/or appliance control information set that represents the 
requirements 

of a collection of independent parties such as content creators, 
other content providers, financial service providers, and/or users 



...ROS 602 generates component assemblies 690 in a secure manner. As 
shown 

graphically in FIGS. Ill and 11J, the different elements 

comprising a component assembly 690 may be "interlocking" in the sense 

that they can only go together in ways that are intended by the... 

...element intended by the VDE content distributor, then the person 
could 

establish a price of zero instead of the price the content distributor 
intended to charge. Similarly, if the element establishes an 
electronic credit card, then an ability to substitute a different 
element 

could have disastrous consequences in terms of allowing a person to 
charge her usage to someone else's (or a non-existent) credit 
card. These are merely a few simple examples demonstrating the 
importance 

of ROS 602. . . 

...The PERC 808 may reference one or more method "cores" 1000'. A method 
core 1000' may define a basic "method" 1000 (e.g., "control," " 
billing," "metering," etc... 

...a lower cost SPU 500. It also provides an extremely high level of 
configurability. In fact, ROS 602 will accommodate an almost unlimited 
diversity of content types, content provider objectives, 
transaction types and client requirements. In addition, the ability to 
dynamically assemble independently deliverable components at 
execution time based on particular objects and users provides a high 
degree of flexibility, and facilitates or enables a distributed 
database, processing, and execution environment .. .API Service 742 

(this 

API service is connected to user API 682 in the preferred 
embodiment . . . 

...system services provided by ROS 602 are invoked by using an RPC 
service 

interface (RSI). This RPC service interface provides a generic, 
standardized interface for different services systems and 
subsystems provided by ROS 602... 

...forwarding to a HPE . In one preferred embodiment, SPE 503 and BPE 655 
may perform essentially the same services so that RSIs 736a, 738a are 
different instances of the same RSI. Once a service request has 
been received by SPE 503 (or HPE 655), the SPE (or HPE) typically 
dispatches the... 

...what state an application is in. User notification services manager 
740 

and interface 686 provides ROS 602 with a mechanism to communicate 



directly with a user, instead of or in addition to passing a 
return call through API 682 and an application 608. This is similar, 
for 

example, to the ability of the Windows operating system to display a 
user message in a "dialog box" that displays "on top of" a running 
application irrespective of the state of the application... 

...The User Notification 686 block in the preferred embodiment may 

be implemented as application code. The implementation of interface 
740a 

is preferably built over notification service manager... 

...as part of API service manager 742. Notification services manager 740 
in 

the preferred embodiment provides notification support to dispatch 
specific notifications to an appropriate user process via the 
appropriate API return, or by another path. This mechanism permits 
notifications to be routed to any authorized process-not just back 

Name Services Manager 752 supports three subservices: user name 
services, 

host name services, and services name services. User name services 
provides mapping and lookup between user name and user ID 
numbers, and may also support other aspects of user-based 
resource and information security. Host name services provides mapping 
and lookup between the names (and other information, such as for 
example 

address, communications connection... 

. . .Part of the object definition task 1220 in the preferred embodiment 
may 

be to analyze the content or other information to be placed within 
an object. Object definition user interface 774a may issue calls to 
object switch 734 to analyze "content" or other information that 
is to be included within the object to be created in order to define 

or 

organize the content into "atomic elements... 

...Communications subsystem 776, as discussed above, may be a 
conventional 

communications service that provides a network manager 780 and a 
mail gateway manager 782. Mail filters 784 may be provided to 
automatically route objects 300 and other VDE information to/from the 
outside world. Communications subsystem 776 may support a real time 
content feed 684 from a cable, satellite or other 
telecommunications link... 

...supporting execution of only one task at a time. For example, a 
typical 

set top implementation of SPU 500 may perform simple metering, 
budgeting 

and billing using subsets of VDE methods combined into single 
"aggregate" load modules to permit the various methods to execute in a 
single tasking environment. However, an... 
...a number of different tasks/methods such as a "channel" task, a 

"control" task, an "event" task, a "meter" task, a "budget" task, and 



billing" task. Depending on the size of SPU RAM 532, "swap blocks" 
may be swapped out of RAM and stored temporarily on secondary storage 
652 

until . . . 
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